McAfee Common Framework returned error 80070005 @ 2 (issue: Active Directory Group Policy)
Technical Articles ID: KB55725
Last Modified: 4/28/2020
Environment
McAfee VirusScan Enterprise (VSE) 8.x
Problem
You see the following errors after you initiate an AutoUpdate:
McAfee Common Framework returned error 80070005 @ 2
Failed to initialize Common Updater subsystem
Make sure the McAfee Framework Service is running
The error occurs when you do any of the following:
- Right-click McShield icon in the systray and click Update Now.
- Right-click AutoUpdate in the VirusScan Console and click Start.
- Create a new scheduled task.
- Try to edit the properties of the existing AutoUpdate task.
Problem
You see the following errors in the Agent_<computername>.log:
I #1234 Svc Failed to start Subsystem <User Space Controller>, result=-2147024891
I #1572 FrmSvc Starting Subsystem <Management>
I #620 Manage Management plugin watch worker thread started
I #1572 Manage CManage::Start() Initialize() -- failed result=-2147024891(0x80070005)
I #620 Manage Management plugin watch worker thread terminating
I #1572 Manage call CManage::Deinitialize() -- because result=-2147024891(0x80070005)
E #1572 FrmSvc Failed to start Subsystem <Management>, result=-2147024891
I #1572 FrmSvc Starting Subsystem <Script>
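The decimal result in these lines is a signed 32-bit HRESULT. The following added example (not part of the original article) extracts the failed subsystems from such a log and decodes the value into its facility and Win32 error code. The function names and the one-entry error table are assumptions of this example.

```python
import re

# Sample lines taken from the log excerpt above.
SAMPLE_LOG = """\
I #1234 Svc Failed to start Subsystem <User Space Controller>, result=-2147024891
I #1572 FrmSvc Starting Subsystem <Management>
I #1572 Manage CManage::Start() Initialize() -- failed result=-2147024891(0x80070005)
E #1572 FrmSvc Failed to start Subsystem <Management>, result=-2147024891
I #1572 FrmSvc Starting Subsystem <Script>
"""

FACILITY_WIN32 = 7
WIN32_ERRORS = {5: "ERROR_ACCESS_DENIED"}  # only the code this article covers

FAILED = re.compile(r"Failed to start Subsystem <([^>]+)>, result=(-?\d+)")


def decode_hresult(value):
    """Split a signed or unsigned 32-bit HRESULT into its fields."""
    u = value & 0xFFFFFFFF             # the log prints a signed decimal
    facility = (u >> 16) & 0x7FF       # bits 16-26
    code = u & 0xFFFF                  # bits 0-15
    name = WIN32_ERRORS.get(code) if facility == FACILITY_WIN32 else None
    return {"hex": f"0x{u:08X}", "failure": bool(u >> 31),
            "facility": facility, "code": code, "name": name}


def failed_subsystems(log_text):
    """Return (subsystem, decoded HRESULT) for every failed subsystem start."""
    found = []
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            found.append((m.group(1), decode_hresult(int(m.group(2)))))
    return found


if __name__ == "__main__":
    for subsystem, hr in failed_subsystems(SAMPLE_LOG):
        print(f"{subsystem}: {hr['hex']} {hr['name'] or 'unknown'}")
```

A facility of 7 with code 5 is the Win32 access-denied error, which is why the resolution below concentrates on permissions.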
Cause
Local DCOM and Group Policy settings for the Framework Service cause this problem. Under most circumstances, the default settings are sufficient, but changes to the security policy can cause problems that require this workaround.
Solution
Configuration for DCOM Settings on the Local System (documented steps for Windows 2003 SP1)
NOTE: The procedure for Windows 2003 without SP1 differs.
- Click Start, Run, type Dcomcnfg, and click OK.
- In the left pane, expand Console Root, Component Services, My Computer.
- In the right pane, double-click the DCOM Config folder to expand it.
- In the expanded DCOM Config folder, right-click FrameworkService and select Properties.
- Click the Security tab.
- In the Launch and Activation Permissions section, select Customize and then click Edit.
- In the Group and user name section, select SYSTEM. Then, verify in the Permissions for SYSTEM section that Allow has been selected for:
  - Local Launch
  - Local Activation
- In the Group and user name section, select INTERACTIVE. In the Permissions for INTERACTIVE section, ensure that Allow has been selected for:
  - Local Launch
  - Local Activation
- Click OK.
- In the Access Permissions section, select Customize, then click Edit.
- In the Group and user name section, select SYSTEM. In the Permissions for SYSTEM section, ensure that Allow is selected for Local Access.
- In the Group and user name section, select INTERACTIVE. In the Permissions for INTERACTIVE section, ensure that Allow is selected for Local Access.
  NOTE: If INTERACTIVE is not listed, click Add. Type INTERACTIVE in the Enter the object names to select field, then click Check Names. After INTERACTIVE is underlined to show that it has been validated, click OK.
- In the Configuration Permissions section, select Customize and then click Edit.
- In the Group and user name section, select SYSTEM. In the Permissions for SYSTEM section, ensure that Allow has been selected for Full Control.
- In the Group and user name section, select INTERACTIVE. In the Permissions for INTERACTIVE section, ensure that Allow has been selected for Local Access.
  NOTE: If INTERACTIVE is not listed, click Add. Type INTERACTIVE in the Enter the object names to select field, then click Check Names. After INTERACTIVE is underlined to show that it has been validated, click OK.
Restart the McAfee Framework Service
- Click Start, Run, type services.msc, and click OK.
- Right-click McAfee Framework Service and select Restart.
- Close the Services window.
Solution
Group Policy settings for the Common Framework
Diagnose if group policy is responsible for the behavior being experienced:
- Create a new OU within Active Directory that does not have any Group Policies applied to it, and move an affected computer into it. Or, right-click the container that holds the affected computers you are troubleshooting, and select Block Inheritance.
- Click Start, Run, type GPUPDATE.exe /force, and click OK.
- Restart your computer.
- After the restart, open the Agent_<computername>.log and look at the bottom for the error messages listed above. Or, right-click the VirusScan icon and select Update Now....
If no errors are seen, and functionality such as Update Now is successful, a group policy is responsible for the issue.
Identify the offending policy setting:
- Open the Microsoft Group Policy Console.
- Right-click Group Policy Results, select Group Policy Results Wizard, and choose to display the settings for one of the computers experiencing the issue.
  NOTE: Do not select the option to not display the policies for the selected computer.
- Click Next and then Finish. Typically, a policy has been set on the services available on the computer in Computer Configuration, Windows Settings, Security Settings, System Services, McAfee Framework Service.
NOTE: A list of services available in this Group Policy console is pulled from the local system on which the Group Policy Management console runs. So, you have to install the McAfee Framework Service to make it visible in the console. By default, no policy is set on this service. If you select the option to enforce a policy, the Group Policy and its access permissions overrule all permissions that were previously active for this service.
Option 1: Do not enforce any group policies for the McAfee Framework Service, leaving the service as Not Defined.
Option 2: Add the Everyone group with Read access to the service, in addition to the existing user permissions listed in the following matrix:
| Permissions | Full Control | Read | Start, Stop, and Pause | Write | Delete |
|---|---|---|---|---|---|
| Administrators | X | X | X | X | X |
| System | X | X | X | X | X |
| Interactive | X | X | X | X | X |
| Service | X | X | X | X | X |
| Everyone | | X | | | |
- If any changes have been made, click Start, Run, type GPUPDATE.exe /force, and click OK to enforce the Group Policies.
- Reboot the affected computer.
NOTE: If multiple domain controllers exist, it might take a few minutes for the changes made to replicate around to the other domain controllers.
- Right-click Group Policy Results and select Group Policy Results Wizard to examine the Resultant Set Of Policies (RSOP). Ensure that there are no other Group Policies that cause invalid permissions to be applied to the McAfee Framework Service. The service permissions are not visible using the GPRESULT utility.
NOTE: Although these Group Policy Settings are not specific to Windows XP SP2, the issue has only been observed with XP SP2.
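Because GPRESULT does not show the service permissions, the DACL actually applied to the service can be checked from its SDDL string, for example the output of `sc sdshow <service name>`. The following added example (not part of the original article) reports which trustees from the matrix above lack Read; the two SDDL strings are constructed samples, Read is taken to be the service generic-read rights, and the function names are assumptions of this example.

```python
import re

# SERVICE_GENERIC_READ as SDDL right codes: CC query config, LC query status,
# SW enumerate dependents, LO interrogate, RC read the security descriptor.
READ = {"CC", "LC", "SW", "LO", "RC"}
# Trustees from the permissions matrix, as SDDL SID aliases.
TRUSTEES = {"BA": "Administrators", "SY": "System", "IU": "Interactive",
            "SU": "Service", "WD": "Everyone"}
# ACE layout: (type;flags;rights;object_guid;inherit_guid;trustee)
ACE = re.compile(r"\(([^;()]*);[^;()]*;([^;()]*);[^;()]*;[^;()]*;([^;()]*)\)")

FULL = "CCDCLCSWRPWPDTLOCRSDRCWDWO"
# Constructed samples: a policy that lists only two groups, and the matrix.
RESTRICTED = f"D:(A;;{FULL};;;BA)(A;;{FULL};;;SY)"
FIXED = (f"D:(A;;{FULL};;;BA)(A;;{FULL};;;SY)(A;;{FULL};;;IU)"
         f"(A;;{FULL};;;SU)(A;;CCLCSWLORC;;;WD)S:(AU;FA;{FULL};;;WD)")


def dacl_rights(sddl):
    """Map trustee -> rights granted by allow ACEs, minus rights denied."""
    start = sddl.find("D:")
    if start < 0:
        return {}
    end = sddl.find("S:", start)          # stop before the SACL, if present
    dacl = sddl[start:end if end >= 0 else len(sddl)]
    allow, deny = {}, {}
    for ace_type, rights, trustee in ACE.findall(dacl):
        codes = set(re.findall("..", rights))   # assumes two-letter codes
        if codes & {"GA", "GR"}:
            codes |= READ                 # generic all/read include Read
        bucket = allow if ace_type == "A" else deny if ace_type == "D" else None
        if bucket is not None:
            bucket.setdefault(trustee, set()).update(codes)
    return {t: r - deny.get(t, set()) for t, r in allow.items()}


def missing_read(sddl):
    """Names of matrix trustees that do not hold every Read right."""
    granted = dacl_rights(sddl)
    return sorted(name for sid, name in TRUSTEES.items()
                  if not READ <= granted.get(sid, set()))


if __name__ == "__main__":
    print("restricted:", missing_read(RESTRICTED))
    print("fixed:", missing_read(FIXED))
```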
Solution
To speed up Group Policy enforcement if conflicting policies exist on the systems:
- On the local system, click Start, Run.
- Type the following command and click OK:
  %windir%\system32\gpupdate.exe /force
- Restart the Framework Service.