EVENT # 15343
SOURCE Microsoft-Windows-DistributedCOM
EVENT ID 10009
DATE / TIME   11/28/2009 8:36:23 PM
MESSAGE DCOM was unable to communicate with the computer ANOTHERSERVER.DOMAIN.lan using any of the configured protocol

So when you put another server on the network and just set it up for a specific purpose it may not open up all of the needed protocols in the firewall that it needs to correspond to the SBS 2008 box.

So here’s how to adjust the firewall to get the Dcom messages out of your event logs:

Event ID 10009 Source DCOM:


Check the firewall settings and enable the firewall exception rule

To check the firewall settings and enable the firewall exception rule:

  1. Click Start, and then click Run.
  2. Type wf.msc, and then click OK. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  3. In the console tree, click Inbound rules.
  4. In the list of firewall exception rules, look for COM+ Network Access (DCOM In).
  5. If the firewall exception rule is not enabled, in the details pane click Enable rule, and then scroll horizontally to confirm that the protocol is TCP and the LocalPort is 135. Close Windows Firewall with Advanced Security

Right mouse click and enable the rule


Then to get the server to be able to query the name/model of the remote server enable the WMI in the inbound firewall rules as well.



Once you do that your server will report into the console and provide the hardware information on the Network/Computers tab.


3 Responses to Dcom was unable to communicate with the computer

  1. Dennis says:

    Should the actions be performed on the SERVER, or on the machine in question that cannot be reached?

  2. admin says:

    I was lazy and just did this on the machine in question. You could do a group policy at the server to push out this policy to the machine in question.

  3. RVR says:

    As per http://support.microsoft.com/kb/957713 article we have resolved the DCOM issue.

    2.1 DCOM Event ID 10009:

    Problem: The DCOM event ID 10009 will occur when a client workstation has a misconfigured firewall or other issues affecting its network communications within the domain. For example, if the workstation is not managed by an SBS GPO. In this scenario, the DCOM event ID 10009 will happen repeatedly, potentially hundreds per day.

    Resolution: To attempt to resolve configuration issues with the firewall try the following:

    Make sure to allow remote management exception. Depending on your firewall solution this might be implemented or might require opening several ports. Unfortunately, this means opening common ports like TCP/135, TCP/139 but also a range of dynamic ports that cannot easily be defined and start at 1025. Check with your firewall manufacturer for the proper ways of allowing dynamic RPC traffic.

    If using OneCare on the SBS client machines, make sure you are using the Small Business version of Windows Live OneCare. The SBS version has a default set of firewall port exceptions as required by SBS to monitor the client workstations.

    If the workstation is on a different subnet than the SBS server and it is running Windows XP SP2 or higher, the firewall exceptions provided by the SBS group policies will not properly allow the required connectivity. You should edit the Client XP GPO and change the scope of the rules to allow subnet + the internal IP of the server. Follow the extra steps below to properly monitor XP SP2 (or higher) machines running in the SBS domain on different subnets than the SBS server, and prevent the DCOM event ID 10009 errors if that is the case.

    1. Click Start, click Run, type GPMC.MSC, and click OK.

    2. Click Continue on the UAC prompt.

    3. Expand Forest: Domain.local, Domains, Domain.local and select Group Policy Objects. (Replace Domain.local with your domain)

    4. Right-click the Windows SBS Client – Windows XP Policy and click Edit.

    5. Expand Computer Configuration, Policies, Administrative Templates, Network, Network Connections, Windows Firewall, Domain Profile.

    6. Find the IP Address of the server: Open a command prompt window (cmd.exe) from the Start menu. In the command prompt window type IPConfig and press return. Make note of the IPv4 address listed.

    7. In the Group Policy Management Editor, double click Windows Firewall: Allow inbound file and printer sharing exception

    a. In the text box labeled Allow unsolicited incoming messages from these IP addresses, add the IP (IPv4) of the server. For example, if the IP of the server is, the text box should read: localsubnet,

    b. Click OK.

    8. Repeat Steps 7.a and 7.b for the following rules:

    Windows Firewall: Allow inbound remote administration exception

    Windows Firewall: Allow inbound remote desktop exceptions