btm/Get-CimInstance

## Get-CimInstance
PS C:\users\btm\Documents\dcom> Get-CimInstance -ClassName Win32_DCOMApplicationSetting -Property * -Filter 'AppID="{37399C92-DC3F-4B55-AE5B-811EE82398AD}"' |fl


Caption                   : AppServiceContainerBroker
Description               : AppServiceContainerBroker
SettingID                 :
AppID                     : {37399c92-dc3f-4b55-ae5b-811ee82398ad}
AuthenticationLevel       :
CustomSurrogate           :
EnableAtStorageActivation : False
LocalService              :
RemoteServerName          :
RunAsUser                 : Interactive User
ServiceParameters         :
UseSurrogate              : False
PSComputerName            :

## gistfile1.txt
In Event Viewer (eventvwr.msc) under 'Windows Logs' -> 'System', a 'Warning' every 10 seconds when the 'Xbox (Beta)' app is running on Windows 10:

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{37399C92-DC3F-4B55-AE5B-811EE82398AD}
 and APPID
{37399C92-DC3F-4B55-AE5B-811EE82398AD}
 to the user BTM-LEGION\btm SID (S-1-5-21-2978896364-2037134923-244970323-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.GamingApp_2106.1001.9.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1723189366-2159580849-2248400763-1481059666-1951766778-2756563051-3565589001). This security permission can be modified using the Component Services administrative tool.


 Ultimately in dcomcnfg I gave local launch and local activation to the special 'ALL APPLICATIONS' group

## gistfile2.txt
$objSID = New-Object System.Security.Principal.SecurityIdentifier("S-1-15-2-1723189366-2159580849-2248400763-1481059666-1951766778-2756563051-3565589001")
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($objSID,"FullControl",@("ObjectInherit","ContainerInherit"),"None","Allow")

$acl = Get-Acl "HKLM:\Software\Classes\AppId\$CLSID"
$acl.AddAccessRule($rule)
$acl | Set-Acl -Path "HKLM:\Software\Classes\AppId\$CLSID"

$acl = Get-Acl "HKLM:\Software\Classes\CLSId\$CLSID"
$acl.AddAccessRule($rule)
$acl | Set-Acl -Path "HKLM:\Software\Classes\CLSId\$CLSID"
	PS C:\users\btm\Documents\dcom> Get-CimInstance -ClassName Win32_DCOMApplicationSetting -Property * -Filter 'AppID="{37399C92-DC3F-4B55-AE5B-811EE82398AD}"' \|fl


	Caption : AppServiceContainerBroker
	Description : AppServiceContainerBroker
	SettingID :
	AppID : {37399c92-dc3f-4b55-ae5b-811ee82398ad}
	AuthenticationLevel :
	CustomSurrogate :
	EnableAtStorageActivation : False
	LocalService :
	RemoteServerName :
	RunAsUser : Interactive User
	ServiceParameters :
	UseSurrogate : False
	PSComputerName :
	In Event Viewer (eventvwr.msc) under 'Windows Logs' -> 'System', a 'Warning' every 10 seconds when the 'Xbox (Beta)' app is running on Windows 10:

	The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
	{37399C92-DC3F-4B55-AE5B-811EE82398AD}
	and APPID
	{37399C92-DC3F-4B55-AE5B-811EE82398AD}
	to the user BTM-LEGION\btm SID (S-1-5-21-2978896364-2037134923-244970323-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.GamingApp_2106.1001.9.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1723189366-2159580849-2248400763-1481059666-1951766778-2756563051-3565589001). This security permission can be modified using the Component Services administrative tool.





	Ultimately in dcomcnfg I gave local launch and local activation to the special 'ALL APPLICATIONS' group
	$objSID = New-Object System.Security.Principal.SecurityIdentifier("S-1-15-2-1723189366-2159580849-2248400763-1481059666-1951766778-2756563051-3565589001")
	$rule = New-Object System.Security.AccessControl.RegistryAccessRule($objSID,"FullControl",@("ObjectInherit","ContainerInherit"),"None","Allow")

	$acl = Get-Acl "HKLM:\Software\Classes\AppId\$CLSID"
	$acl.AddAccessRule($rule)
	$acl \| Set-Acl -Path "HKLM:\Software\Classes\AppId\$CLSID"

	$acl = Get-Acl "HKLM:\Software\Classes\CLSId\$CLSID"
	$acl.AddAccessRule($rule)
	$acl \| Set-Acl -Path "HKLM:\Software\Classes\CLSId\$CLSID"