Error Message

Source: Enterprise Vault
Event ID: 41352
Level: Error
Description: The processing of the Upgrade Sub task has stopped following errors.
Upgrade Sub task ID: 198EF54528279C940AEE5DD8706C43AA01110000evserver1_2649
Reason: Undefined
Error Type: NonCritical
Description: Retrieving the COM class factory for remote component with CLSID {3A92686F-E5E8-4505-ABB5-49E5F725617A} from machine evserver1.ad2k8.labo.ex failed due to the following error: 80070005.
V-437-41352

Log Name: System
Source: Microsoft-Windows-DistributedCOM
Event ID: 10016
Level: Error
User: ANONYMOUS LOGON
Description:
The application-specific permission settings do not grant Remote Activation permission for the COM Server application with CLSID
{3A92686F-E5E8-4505-ABB5-49E5F725617A} and APPID {9FB267AD-C6CE-4084-A18F-5100B54964B3}
 to the user NT AUTHORITY\ANONYMOUS LOGON SID (SID-User) from address 10.10.10.10. This security permission can be modified using the Component Services administrative tool.
Event Xml:

 
   
    10016
    0

Dtrace Information:
To validate if this is the issue a Dtrace is needed, please perform the following steps on the EV server while re-creating the issue.

• For more information about Enterprise Vault’s Dtrace Utility please see 100038975.  
• Dtrace the process EVIndexVolumesProcessor for no less than 5 minutes while re-creating the issue.
• Open the log file created and search for either of the following the strings:

(EVIndexVolumesProcessor) EV-L {EVREBUILDSUBTASK.EN_US} Setting subtask [1AED2AAA63DA046DF84A1B5A9E12FF0CC1013b00evserver1] state to [FAILED].
(EVIndexVolumesProcessor) EV-H {EVREBUILDSUBTASK.EN_US} Sub task has stopped with status [FAILED]. FailedCode=[DV_DS_E_FLD_IDXSUBTASK_FAILED]. Reason=[Retrieving the COM class factory for remote component with CLSID {3A92686F-E5E8-4505-ABB5-49E5F725617A} from machine evserver1.ad2k8.labo.ex failed due to the following error: 80070005.].
(EVIndexVolumesProcessor) EV-L {EVTASKHELPER.EN_US} Updating subtask 1AED2AAA63DA046DF84A1B5A9E12FF0CC1013b00evserver1 state = EV_TASK_STATE_FAILED

Missing required permissions on StorageCrawler COM+ application for Anonymous account.

Note: The CLSID may be different in each circumstance. The CLSID mentioned in the event will match the DCOM component GUID.
To find Application based on the CLSID that relates to the GUID mentioned, follow these steps:

1) Open the Registry
2) Copy the complete GUID, including the {}
For example, {3A92686F-E5E8-4505-ABB5-49E5F725617A}.
3) Click in the Registry toolbar and choose Edit -> Find...
4) Paste the GUID into the "Find what" textbox and select "Match whole string only"
5) Click on "Find Next"

Once the application name which the GUID refers to has been found perform the following steps with regards to DCOM configuration:

1) Click Start >> Run  and type dcomcnfg (followed by return)
2) Expand "Component Services" >> Computers >> My Computer >> DCOM Config
3) Find the Application name in the list of components
4) Right-click on the application and choose Properties
5) Click on Security and Edit "Launch and Activation Permissions"
6) Add the Everyone and Anonymous Logon users and allow all Local and Remote Launch and Activation options
7) Click on Edit "Access Permissions" and add the Everyone group and allow both Local and Remote Access

After setting the DCOM permissions, follow these steps for the Local Security Policy:

1) Open the Local Security policy (Start -> Run -> secpol.msc
2) Open "Local Policies" -> "Security Options"
3) Select the "Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax", right click and choose Properties
4) Click "Edit Security"
5) Add the Anonymous Logon user and allow all Local and Remote Launch and Activation options.