Cannot open an anonymous level security token in IE 8 RRS feed

  • Question

  • I am routinely getting this message after installing IE 8. The message occuring on random sites, mainly in scenarios where a pop up window should open (or open code is called in javascript). I'm not sure what is causing it, or how I can get it to stop happening. Does anyone know what this could be related to?

    Message: Cannot open an anonymous level security token.

    I did find a page on msdn talking about the issue, but it said something about "raising the identity level". I'm not sure how to do this or if it's even related.


    Friday, April 3, 2009 5:35 PM

All replies

  • I found the answer to the same problem on my laptop.  It was in the DCOM settings.  You can type "dcomcnfg" at the run prompt, expand "Component Services" and right-click on the "My Computer" to get to properties.  From there choose the "Default Properties" tab and change the default authentication level to "Connect" and the Impersonation level to "Identify".

    Worked for me. 

    My problem was caused by some Lenel Video software that made changes to the local machine DCOM settings. 
    • Proposed as answer by Jai Maharaj Monday, November 14, 2011 3:48 AM
    Monday, April 13, 2009 4:12 PM
  • OH MY God!!!!
    Thank You So god!!! Mr. Murray

    Thursday, June 11, 2009 5:36 AM
  • Thank you very much. That worked perfectly.

    Friday, July 10, 2009 9:04 PM
  • ok, anybody know how to make the error go away from the develoment side?

    I just built a site and now none of the exterenal links work becasue of this ____.

    Monday, July 20, 2009 11:50 PM
  • Thanks Jason, this worked for me as well.. 

    Monday, September 28, 2009 2:29 PM
  • First of all, Jason, thanks a lot, this worked like a charm.

    But, how could you find this solution? i mean... this is crazy, isn't it?

    Sunday, October 18, 2009 10:14 PM
  • Thanks a bunch. This fixed my problem where nothing else even came close.
    Wednesday, December 30, 2009 5:35 PM
  • Worked great for me!  Thanks a bunch!
    Friday, February 5, 2010 4:08 PM
  • This solution is over a year old, but still is VERY useful. Worked for me, but also warned by the system, that "whatever program" made the changes to the DCOM settings, could cause other program modules to fail (communications between them), as the DCOM system is a communication technology, created by Microsoft, to support communication, between various-program modules; not necessarily from the same program.  I suggest "recording the original settings", just in case the new settings "break more than it fixes" :o).  Always pays to play it safe ;-).

    Thanks for the solution Jason.

    Tuesday, June 29, 2010 10:35 PM
  • BTW, from the manufacturer side...

    We require anonymous DCOM connections for Lenel video because common security framework such as AD/LDAP is not a requirement in our software installations and a large portion of our install base is in workgroup authentication modes. When a common security token is available and the users and computers exist as accounts in the domain, we can use authenticated DCOM settings as are the default settings which will be reset to on occasion by a MS patch or SP. Our technical support staff and Field Sales Engineers are familiar with this configuration option and can provide appropriate documentation.


    Wednesday, July 21, 2010 4:02 PM
  • WOW thanks it works!!!!!!!!!!!!!!!!! tnx tnx tnx :)
    Tuesday, September 7, 2010 7:27 AM
  • Thank you so much!!!! This error was on my last nerve. Have a great day.


    Sunday, September 12, 2010 7:51 PM
  • Worked for me. Thanks! U saved me alot of time.
    Friday, March 11, 2011 10:31 AM
  • .... Worked for me. 

    My problem was caused by some Lenel Video software that made changes to the local machine DCOM settings. 

    Jason, I am a development lead for the Lenel Video software, and although I'm happy you were able to solve your problem, I would like to set the record straight. Lenel Video software has NEVER touched machine-wide default authentication and impersonation levels.  Since XP SP2 came out, we did have to modify our installation to relax machine-wide access and activation limits.  That is done ONLY when a user wishes to allow anonymous DCOM connections to our software. Otherwise, we don't touch those either.

    As far as default authentication/impersonation, there was never a need to change them because our software uses CoInitializeSecurity COM API call to set those levels in every client and server process that's under our control.  However, I am aware that some of our integration partners, who forget to call CoInitializeSecurity in their applications, have been known to manually go into dcomcnfg and change the default authentication level to "None" in order to quickly (i.e. without recompiling) verify that their software is able to connect to Lenel recorders when explicit credentials are not specified.

    Wednesday, June 8, 2011 5:30 PM
  • Brilliant
    Monday, August 15, 2011 8:08 PM
  • Any idea pal, how you can avoid such errors from coding perspectives?

    Since i cannot tell all my clients to change their setting..


    Any help appreciated

    ~ Loveson
    Monday, October 31, 2011 7:16 AM
  • I was getting this error while attempting to open a Remote Console via HP iLO. Used the solution suggested by Jason E Murray and it worked.

    Thanks a lot to all of you guys. Keep it up.



    Regards Jai Maharaj
    Monday, November 14, 2011 3:22 AM
  • awesome man!!

    Solved my window.open problem on my windows 7 machine..........

    Thursday, December 1, 2011 8:21 PM
  • Hi Jason, thanks for driving my attention towards the setting which you suggested. It fixed the problem, but can you explain the reason as how the DCOM setting is connected to the web page settings ?



    Monday, December 26, 2011 3:53 PM
  • Thank you so much, Murray. It fixed the problem.

    Thanks a bunch again.

    Wednesday, March 7, 2012 10:02 PM
  • Thanks Jason. It works!! Do solved my problem!! Muacks!!
    Friday, March 30, 2012 3:51 AM
  • Perfect.......ohh my good..

    Funcionou perfeitamente

    Wednesday, May 23, 2012 1:43 AM
  • OMG you are the best person on the planet. I had been trying to figure it out for hours..
    Wednesday, July 2, 2014 9:12 PM
  • Your answer is very helpful :)
    Sunday, August 3, 2014 6:17 PM
  • Thank you.  Works beautifully.
    Friday, November 10, 2017 4:21 PM
  • Here we are. Nearly 10 years later, and this answer is still solving issues IN WINDOWS 10 v1709. Unreal.

    Some Windows Updates wont install due to this setting being damaged or changed somehow. Changing it back (heck, ours was set to "none") allowed Windows Update to function again (I only came across this, because upon attempting to manually install the update in question via .msu file, event viewer showed something about anonymous token blah blah blah).

    Still saving lives, this answer is.

    ------ Mike

    Wednesday, January 31, 2018 5:34 AM
  • Add me to the list of users still benefiting from this advice 10 years later. I had an issue with one of my Server 2016 VMs where the local admin functioned correctly but any other accounts could not open the start menu or any of the windows 10 settings pages. Default authentication was set to none and changing it per Jason's suggestion fixed everything. Thanks!!
    Monday, July 9, 2018 7:37 PM

  • In Windows 2016, Your Windows Search will not work.

    Also, when you click Windows 2016 Wndows Charm, nothing happens.  No menu.  I have been searching this issue for awhile.  When you install Windows Remote Desktop Session, you might run into this issue.

    Tuesday, October 2, 2018 6:40 PM