I am trying to determine why access to our AppPortal GUI appeared to be unavailable for a certain time period or if the authentication attempt issues was a result of AppPortal trying to validate software requests to SCCM. I would guess an issue with Active Directory but want to confirm the log message is accurate.
Error snippet below is from UserLog\ZZ_XXXXXXXX (username and domain was changed here to protect data)
Making call to get Group membership. Domain = NA; UniqueName = ZZ\XXXXXXXX Proceed 12/6/2021 3:58:58 AM 1 (0x0001)
Triggered method GetGroupsFromActiveDirectory GetGroupsFromActiveDirectory 12/6/2021 3:58:58 AM 1 (0x0001)
HasUntrustedDomains = FALSE GetGroupsFromActiveDirectory 12/6/2021 3:58:58 AM 1 (0x0001)
Error : GetPageAccessLevel failed to get Member Groups at - Retrieving the COM class factory for component with CLSID {274FAE1F-3626-11D1-A3A4-00C04FB950DC} failed due to the following error: 800703fa Illegal operation attempted on a registry key that has been marked for deletion. (Exception from HRESULT: 0x800703FA). Proceed 12/6/2021 3:58:58 AM 1 (0x0001)
Trying to get GUID for UniqueName ZZ\XXXXXXXX Proceed 12/6/2021 3:58:58 AM 1 (0x0001)
NULL GUID returned Proceed 12/6/2021 3:58:58 AM 1 (0x0001)
Dec 06, 2021 07:57 AM
I've seen this reported on occasion. It is not really directly related to either App Broker or Active Directory. Typically, you can resolve the issue permanently by changing a group policy setting on the server. If you look at the resolution section in the following article, it is mentioned that there is a group policy setting that can resolve the behavior.
A COM+ application may stop working in Windows when a user logs off
To summarize, try setting the "Do not forcefully unload the user registry at user logoff " group policy to "enabled". The policy can be found in the group policy editor (gpedit.msc) under Computer Configuration->Administrative Templates->System-> UserProfiles
Dec 06, 2021 08:43 AM
I've seen this reported on occasion. It is not really directly related to either App Broker or Active Directory. Typically, you can resolve the issue permanently by changing a group policy setting on the server. If you look at the resolution section in the following article, it is mentioned that there is a group policy setting that can resolve the behavior.
A COM+ application may stop working in Windows when a user logs off
To summarize, try setting the "Do not forcefully unload the user registry at user logoff " group policy to "enabled". The policy can be found in the group policy editor (gpedit.msc) under Computer Configuration->Administrative Templates->System-> UserProfiles
Dec 06, 2021 08:43 AM
Any time I see that message about a registry key being marked for deletion, I just reboot my server and it clears up. Good to know there is a better solution. Thanks, Kevin, for raising the question, and thanks, Charles, for the answer!
Dec 27, 2021 01:59 PM