COMADMIN_E_NOUSER (0X8011040F) user permissions fix

Quick answer

Open Component Services (dcomcnfg), find the COM+ application throwing the error, open its Properties, go to the Identity tab, and delete or replace the invalid user account. No need to reinstall anything.

Why this happens

This error shows up when a COM+ application has a user account set as its identity — and that user no longer exists. Could be a deleted domain account, a renamed local user, or a user removed from the group the app expected. You'll typically see this after a domain migration, a cleanup of old accounts, or when someone tried to be clever and deleted a service account without checking what relied on it. The COM+ runtime can't start the app because it can't verify the identity. The error code 0X8011040F is COMADMIN_E_NOUSER, and it's dead simple to fix once you know where to look.

I've seen this most often on Windows Server 2016 and 2019 machines running IIS with COM+ components, or on servers where someone migrated from an old domain. The event log will show a warning from COM+ with the error code, but the fix is always the same.

Fix steps

1. Open Component Services
   Press Win + R, type dcomcnfg, hit Enter. This opens the Component Services console.
2. Navigate to your COM+ application
   In the left tree, expand Component Services > Computers > My Computer > COM+ Applications. You'll see a list of apps. Look for the one that's failing — it might have a yellow warning icon.
3. Open the app's properties
   Right-click the problem app and select Properties.
4. Go to the Identity tab
   Click the Identity tab. This is where the user account is set. You'll likely see a user name there in the format DOMAIN\Username or .\Username.
5. Check if the user exists
   If you know the account is gone, you can skip this. But if you're not sure, open a command prompt and type net user Username /domain (for domain accounts) or net user Username (for local accounts). If it says "The user name could not be found," it's dead.
6. Remove the dead user
   In the Identity tab, select Interactive User (the current logged-on user) or This user and enter a valid account. I usually set it to Interactive User for testing, then change it to a proper service account later.
7. Apply and restart the app
   Click Apply, then OK. After that, right-click the app and choose Shut down, then right-click and Start it again. The error should be gone.

Alternative fixes if the main one fails

• Use the component services command line: Open an admin command prompt and run regsvr32 /u comadmin.dll then regsvr32 comadmin.dll. This re-registers the COM+ admin library. Then try the steps above again.
• Delete and recreate the application: If the app still won't start, export it from Component Services (right-click > Export), then delete it, and import it back. The import will ask you to set the identity fresh.
• Check for orphaned users in the registry: Sometimes a dead user is stored in the registry under HKLM\SOFTWARE\Microsoft\COM3\Applications. Manually editing that is risky — only do this if you're comfortable with registry surgery and have a backup.

Prevention tip

Never delete a user account without first checking what COM+ applications reference it. Use a free tool like PsLoggedOn or just run dcomcnfg and scan the Identity tab of every COM+ app. Document the accounts you use. If you're paranoid (and I am), create a dedicated service account with a long, complex password and use that for all COM+ apps. Then when you need to change it, you change one account, not a dozen.