INFO: Rights and Permissions Needed by the Identity Account of an MTS/COM+ Package (276407)


The information in this article applies to:

  • Microsoft Transaction Server 1.0
  • Microsoft Transaction Server 2.0
  • Microsoft COM+ 1.0
This article was previously published under Q276407

SUMMARY

For a Microsoft Transaction Server (MTS) or COM+ package to function, the account that is used for the configured Identity must have certain user rights and NTFS permissions. If the account does not have sufficient rights or permissions, you may receive one or more of the following error messages:
"ActiveX component can't create object."

-or-

"The process cannot switch to the startup current directory D:\Winnt\system32\. Select OK to set current directory to D:\Winnt, or select Cancel to exit."

-or-

"The application failed to initialize properly (0xc0000022). Click OK to terminate the application."

-or-

"Out of memory"

-or-

Run-time error '429'. ActiveX component can't create object.

-or-

DCOM got error "Logon failure: the user has not been granted the requested logon type at this computer. " and was unable to logon .\test in order to run the server: {9E7AB7CE-6B96-4AA9-A62D-59589FA5C790}

-or-

Runtime Error '-2147467238 (8000401a)': Automation Error The server process could not be started because the configured identity is incorrect. Check the username and password.

MORE INFORMATION

To enable MTS to function properly, verify that the configured Identity has at least Read access in the NTFS permissions for the following folders:
  • The folder in which the DLL is located.
  • The \Winnt folder.
  • The \Winnt\System32 folder.
  • The \Winnt\System32\Mts folder, for the MTS case.
  • The \Program Files\Common Files folder, and all files and subfolders.
Also verify that the configured Identity has the Advanced User Right to "Log on as a Batch Job". To view the User Rights assignment in Microsoft Windows NT 4.0, do the following:
  1. Open User Manager for the local computer.
  2. From the Policies menu, click User Rights.
  3. Click to select the Show advanced user rights check box.
  4. From the drop-down list box, select Log on as a batch job.
  5. Verify that the account in question appears in the list.
To view the User Rights assignment in Microsoft Windows 2000, do the following:
  1. From the Programs menu, click Administrative Tools, and then click Open Local Security Policy.
  2. Under Local Policies, select User Rights Assignment.
  3. In the right-hand pane, double-click Log on as a batch job.
  4. Verify that the account in question appears in the list.
Modification Type:MajorLast Reviewed:6/12/2001
Keywords:kberrmsg kbinfo kbSysAdmin KB276407
©2002 Microsoft Corporation. All rights reserved.