Event 10016 PerAppRuntimeBroker Warning

If we look at Windows 11 or Windows Server 2022 Event System Log, we can see Event 10016 PerAppRuntimeBroker (APPID: {15C20B67-12E7-4BB6-92BB-7AFF07997402}) Warning:

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user Username (…) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Event 10016 PerAppRuntimeBroker Warning


Microsoft recommendation is (DCOM event ID 10016 is logged in Windows):
“These events can be safely ignored because they don’t adversely affect functionality and are by design. It’s the recommend action for these events.”


However, these warnings are very annoying and can confuse anyone, that something is wrongly configured.


With further analysis, we can find out, that DCOM application with ID {15C20B67-12E7-4BB6-92BB-7AFF07997402} is PerAppRuntimeBroker.

In this case, the current logged in user does not have permission to Local Launch (Local Activation) DCOM Application PerAppRuntimeBroker.




It doesn’t help if we enable Local Launch (Local Activation) permission for logged in user for DCOM Application PerAppRuntimeBroker in Component Services application. We have to enable LocalLaunch (Local Activation) permission for local Users group!


We have to open Component Services application as Administrator, Computers, My Computer, DCOM Config and select Detail View from View Menu.

From the list we can find  Application PerAppRuntimeBroker with ID {15C20B67-12E7-4BB6-92BB-7AFF07997402}.


Component Services PerAppRuntimeBroker


If we right click on PerAppRuntimeBroker application and select Security Tab, everything is gray, because as administrator we don’t have permission to change DCOM Application permissions.


PerAppRuntimeBroker Properties


It is easy to change permissions for selected Application with Registry Editor (regedit.exe).

With Edit/Find command, we can find PerAppRuntimeBroker Application ID in Registry.

It is located in HKEY_CLASSES_ROOT\AppId\{15C20B67-12E7-4BB6-92BB-7AFF07997402}.


Registry PerAppRuntimeBroker


With right click and selected Permissions…, we can change permissions for selected AppId. First, we need to change the owner of registry Key.

Go to Advanced, Change Owner to Administrators group (local Administrators group, if computer is member of domain), select OK twice. Then open Permissions window once again and change permissions of Administrators group to Full Control.


PerAppRuntimeBroker permissions


Now, we have to open Component Services application as Administrator again, Computers, My Computer, DCOM Config and select Detail View from View Menu. If we right click on PerAppRuntimeBroker application and select Security Tab, we can edit Launch and Activation Permissions. When we click on Edit Button, we get a Windows Security window:


PerAppRuntimeBroker windows security


Obviously, something is wrong with permissions. So, we can choose a Remove button.

We have to Add Users group (local Users group, if computer is a member of domain). We have to set Local Launch and Local Activation Permissions for Users group.


Launch and Activation permission PerAppRuntimeBroker


That’s it. We will not see Event 10016 PerAppRuntimeBroker Warning any more in our OS.




I invite you to solve also Event 10016 Windows.SecurityCenter Warnings in Windows 11!


Written by Simon Abolnar
I am a lecturer of Informatics subjects at Higher Vocational College at the School Center Nova Gorica, located in Slovenia-EU. I have been a System Administrator of Microsoft Servers at SCNG for over 20 years.