Troubleshooting Code 80070005 – Access Denied
Introduction to Code 80070005
My gut feeling is that 8070005 is a catch-all error code for any number of database / DCOM connection problems. If I had to stick my neck out, I would say that it’s a permissions problem. Thanks to readers sending in information on this error code, we are slowly building up a library of problems, and even more important, solutions.
- Local Security and Policies and DCOM
- DCOM Problem with 80070005
- Exchange Problem with error 80070005
- Solution to error 80070005 with COM component
- IIS Website Problem
- ASP database permission problem
?
General Diagnosis of Error 80070005
What I can offer is general principles, such as, pay close attention to the line number. You will soon discover that Line: number gives the best clues for solving the problem.
Following the line number, I would turn my attention to permissions, are you logged on as an administrator? What is the script trying to achieve? Does the file or folder referenced need admin rights?
Next, move check out the Source: = service. Does this mean anything to you? Research the name of the service using built-in help. See more about diagnosing VBScript problems.
Local Security and Policies and DCOM – Kindly researched by Kevin Kirk
Local Security Policies
1. Start -> Control Panel -> Administrative Tools -> Local Security Policy
2. Navigate to SecurityLocal PoliciesSecurity Options
a. Network Access: Let everyone permissions apply to anonymous users – Set to Enabled
c. DCOM: Machine Access Restrictions – Add Anonymous, Everyone, Interactive, Network, System with full rights options set.
d. Network Access: Let everyone permissions apply to anonymous users – Set to Enabled
e. Network Access: Sharing security model for local accounts – Set to Classic
The “Sharing Security model” is the real offending item I believe, and setting the above should fix the problem. If not then I went as far as setting the following in DCOMCNFG.
DCOM Configuration
1. Click Start -> Run
2. Enter DCOMCNFG and press OK. This will open the DCOMCNFG window.
3. Browse down the tree to Console Root -> Component Services -> Computers -> My Computer
4. Right click on “My Computer” and select properties
5. Select the “Default Properties” tab
a. Enable Distributed COM on this computer – Option is checked
b. Default Authentication Level – Set to Connect
c. Default Impersonation Level – Set to Identify
6. Select the “COM Security” tab
7. Click on Access Permissions ‘ Edit Default
a. Add “Anonymous”, “Everyone”, “Interactive”, “Network”, “System” with Local and Remote access permissions set.
8. Click on Launch and Activation Permissions ‘ Edit Default
a. Add “Anonymous”, “Everyone”, “Interactive”, “Network”, “System” with Local and Remote access permissions set.
9. Click on OK
10. Close the DCOMCNFG window
This was done with some trial and error on four identical HP Workstations running small vbs programs. Once one was working, I just had to figure out why the others weren’t. Guy says this is
DCOM Scenario for Error 80070005 sent in by Norbert
A script which scans for WMI data from machines in the network. If something goes wrong there’s an entry in the log file like this:
2004-09-03 13.30 ARW167: ERROR 80070005 (WMIConnect)
Cause
Lots of error 80070005 messages occur when DCOM settings on the remote machine weren’t correct.
Solution to error 80070005 sent in by Norbert
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftOle]
“EnableDCOM”=”Y”
“EnableRemoteConnect”=”Y”
“LegacyAuthenticationLevel”=dword:1
Guy Recommends: SolarWinds Engineer’s Toolset v10
The Engineer’s Toolset v10 provides a comprehensive console of utilities for troubleshooting computer problems. Guy says it helps me monitor what’s occurring on the network, and the tools teach me more about how the system itself operates.
There are so many good gadgets, it’s like having free rein of a sweetshop. Thankfully the utilities are displayed logically: monitoring, discovery, diagnostic, and Cisco tools. Download your copy of the Engineer’s Toolset v 10
Solution to error 80070005 with COM component sent in by Andy Menon
About
This paper highlights the steps involved in configuring an ASP.NET web application to work with a traditional COM component when deployed on IIS 5.0 and therefore avoid the well known error:
Retrieving the COM class factory for component with CLSID {000209FF-0000-0000-C000-000000000046} failed due to the following error: 80070005.
I’m sure that there are different solutions to this problem. This one will serve as one more addition to the long list of solutions which developers just like me have recorded over their experiences.
Recommendation: To find out more about Andy’s article, download this file
Project Overview
The project solution in discussion consists of 3 parts as shown in the following screen shot: 
1. An ASP.NET 2.0 Web application
2. A VB.NET Class library project added to the solution
3. A third –party COM Component InterOp file (highlighted in red)
The solution is developed using VS.NET 2005 that has a built-in web server. In addition, the dev environment hosts IIS5.0 that rides on Windows XP Professional SP3.
Note that, the third-party component is added as a reference to the VB.NET library project and not the web project. When the solution is built, the dependencies are moved to the bin folder of the web application. This may look trivial at first, but is enough to make you scratch your head when you deploy the project to your local IIS Server.
As seen on the left, what is added to the bin folder of the Web application is not the physical DLL for the 3rd party component. Rather, it is the Interop file that is added as a dependency. The Interop file is a wrapper class that the .NET runtime generates and uses to connect to the actual COM component. Overlooking this trivial fact is the reason why I’m penning this paper. 
COM file and InterOp file locations: Most of the hard work is done by the ASPNET user account when it comes to handling a request sent to IIS 5.0. Although this account is privileged to handle most of the stuff, instantiating and using COM components is not one of them.
Therefore, it is important to note the differences between the Interop file and the underlying COM library file. The following screen shot in comparison to the one above illustrates this. The underlying native COM DLL is located in an entirely different location.
It is possible that you’ve already configured your system to allow the ASPNET account full permissions to the InterOp file. But this does not mean that the ASPNET account can access the underlying native COM component. Most probably it can’t and this is where the catch is!
Setting file permissions to the class library project folder
The ASPNET account must have at least ‘Read’ permissions to your VB.NET project folder. As seen from this screen shot, I’ve assigned read permissions to the physical file folder of my VB.NET class library project.
You may ask me why the project folder and why not the files copied by VS.NET into the bin directory of the web application (as seen in the first screen shot). That is because, if you set the right file permissions at the original source locations, they will be copied over when the entire solution is compiled. After you’ve completed this exercise and go back into the bin folder of the web application, you will see that the file permissions assigned to the ASPNET account are same as the ones that you assigned at the original location.
Read Permission to the InterOp File:
Make sure that the InterOp file inside your class library project has read permission as well. In my case, for some reason, the InterOp file did not have read permission despite assigning read permission to the parent folder (previous screen shot). Therefore, I had to add it explicitly like so:
Read Permission to the native COM Library:
Before you assign permissions, make sure that you’ve registered the COM library on the IIS machine using regsvr32. Then, locate the physical file and assign Read & Execute permissions to it. It is important to note that your application will err out if ASPNET does not have permissions to the underlying native DLL even if it has full access permissions to its InterOP file. This can easily escape ones attention!
Guy Recommends: A Free tool from SolarWinds: Config Generator
Config Generator (CG) is a free tool, which puts you in charge of controlling changes to network routers and other SNMP devices. Boost your network performance by activating network device features that you’ve already paid for.
Guy says that for newbies the biggest benefit of this free tool is that it will provide the impetus for you to learn more about configuring the SNMP service with its ‘Traps’ and ‘Communities’.
Download your free copy of the Config Generator
Note on IIS 6.0 and higher
IIS versions 6.0 and higher do not have the ASPNET worker process (aspnet_wp.exe). Unlike versions before it, IIS 6 assigns ASP.NET requests directly to the worker processes via local procedure calls (LPCs) .
These steps above may need modifications based the type of IIS user account that is used in your environment.
CKString is the property of chilkat.com
I hope you find these steps useful.
Andy Menon
引文来源 Code Error 80070005 – Access Denied message. Permissions problems