IIS Admin Service cannot start. IIS manager shows a blank window.
It throws error code 0x80004015, "The class is configured to run as a security id different from the caller", when starting the service.
And error is found in event log when starting IIS admin service.
Event Type: Error
Event Source: W3SVC
Event ID: 1036
A failure occurred while initializing the configuration manager for the World Wide Web Publishing Service. The data field contains the error number.
The error code 80070005 means “Access Denied”.
Together there are other errors in the event log, for example
Event Source: CryptSvc
Event ID: 512
The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
System Writer object failed to subscribe to VSS.
No file system or registry “access denied” error can be captured by Process Monitor.
Check the services and compare the status/startup to a default system.
The following services are all in running status:
· Remote Procedure call
· Secondary Logon
· Distributed Transaction Coordinator
· DCOM Server Process Launcher
The issue was resolved after we added the "SERVICE" and "Administrators" accounts back to the "Impersonate a Client after Authentication" setting and rebooted the server.
1. Start -> Run -> GPEDIT.MSC.
2. Navigate to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment.
3. Double-click 'Impersonate a client after authentication'.
4. Make sure that at least Administrators and SERVICE exist. If not add them and restart.