Click here to Skip to main content
8,858,553 members and growing!
  
Email Password   Lost password?
Search within:



add
Add to your CodeProject bookmarks
Print Article
Site map
 » Platforms, Frameworks & Libraries » COM / COM+ » DCOM
Licence 
First Posted 7 Oct 2001
Views 125,760
Bookmarked 31 times

DCOM Access Denied Problem

By | 7 Oct 2001 | Article
This article will walk you through configuring two computers to share a COM component as a distributed component(DCOM).
ArticleBrowse CodeStatsRevisionsAlternatives
  Discuss
Discuss this article
 10  

Introduction

What makes you feel better when you work as a team, that there are people near you who can give you help whenever you need, and you have to be ready to help them when they need help. I was working with a team, using COM technology in our project, and we have faced the DCOM problem as most of you, and we have solved it gracefully. We decided as a team to document the required steps to configure a smooth DCOM component. Thanks for Naim Tobassi and Rebat Hiary who made these steps available for me, and now I'm posting these steps for all Code Project people.

DCOM

The Distributed Component Object Model (DCOM) is a protocol that enables software components to communicate directly over a network in a reliable, secure, and efficient manner. Previously called "Network OLE," DCOM is designed for use across multiple network transports, including Internet protocols such as HTTP. DCOM is based on the Open Software Foundation's DCE-RPC spec and will work with both Java applets and ActiveX components through its use of the Component Object Model (COM).

DCOM configuration

Before starting, I’ll define the following terms:

  • PC1: is the name of the machine which will play the Client role.
  • PC2: is the name of the machine which will play the Server role (Component will be accessed here).
  • Rebat Hiary: is the name of the user who will run the applications on PC1 which are needed by the DCOM on PC2.
  • Naim Tobassi: is the name of the user who will be logged in while accessing the DCOM on PC2.

How to configure the server side

  • Register you component
  • Open the dcomcnfg tool
  • In the Applications tab, select your application, Click on Properties… button
  • Properties -> General tab -> Authentication Level combo box. Select Default.
  • Properties -> Location tab. Select Run application on this computer.
  • Properties -> Security tab. Select Use custom access permissions option box, click on Edit button, and then click on Add button to add the following users (Allow Access):
    • Rebat Hiary
  • Properties -> Security tab. Select Use custom launch permissions option box, click on Edit button, and then click on Add button to add the following users (Allow Launch):
    • Rebat Hiary
    • PC2/Administrators
    • System
    • Interactive
  • Properties -> Security tab. Select Use custom configuration permission option box, click on Edit button, and then click on Add button to add the following users:
    • Naim Tobassi
    • Rebat Hiary
    • Everyone
    • System
    • Owner creator
    • PC2/Power Users
    • PC2/Administrators
  • Properties -> Identity tab. Select The interactive user option box.
  • Click on OK button to return back to the Distributed COM Configuration Properties window.
  • Default Properties tab. Select Enable Distributed COM on this computer check box.
  • Default Properties tab -> Default Authentication Level combo box. Select Connect.
  • Default Properties tab -> Default Impersonation Level combo box. Select Anonymous.
  • Default Security tab. On the Default Access Permission frame, click on Edit Default… button, and add the following users (Allow Access):
    • Everyone
    • Rebat Hiary
  • Default Security tab. On the Default Launch Permission frame, click on Edit Default… button, and add the following users (Allow Launch):
    • Everyone
    • Interactive
    • PC2/Administrators
    • System
    • Rebat Hiary
  • Default Security tab. On the Default Configuration Permissions frame, click on Edit Default… button, and add the following users:
    • Naim Tobassi
    • Everyone
    • System
    • Creator Owner
    • PC2/Power Users
    • PC2/Administrators

How to configure the client side

  • Register your component.
  • Open the dcomcnfg tool.
  • In the Applications tab, select your application and click on Properties… button.
  • Properties -> General tab -> Authentication Level combo box. Select Default.
  • Properties -> Location tab. Remove selection from Run application on this computer option box, and select Run application on the following computer option box. Click on Browse... button, and select the requested target machine (PC2).
  • Properties -> Security tab. Select Use custom access permissions option box. Click on Edit button, and then click on Add button, add the following users (Allow Access):
    • Rebat Hiary
    • Everyone
  • Properties -> Security tab. Select Use custom launch permissions option box, click on Edit button, and then click on Add button, add the following users (Allow Launch):
    • Everyone
    • Rebat Hiary
    • PC1/Administrators
    • System
    • Interactive
  • Properties -> Security tab. Select Use custom configuration permission option box, click on Edit button, and then click on Add button, add the following users:
    • Rebat Hiary
    • Everyone
    • System
    • Creator Owner
    • PC1/Power Users
    • PC1/Administrators
  • Properties -> Identity. Select The interactive user option box.
  • Click on OK button to return back to the Distributed COM Configuration Properties window.
  • Default Properties tab. Select Enable Distributed COM on this computer check box.
  • Default Properties tab -> Default Authentication Level combo box. Select Connect.
  • Default Properties tab -> Default Impersonation Level combo box. Select Anonymous.
  • Default Security tab. On the Default Access Permissions frame, click on Edit Default… button, click on Add and add the following users (Allow Access):
    • Everyone
    • Rebat Hiary
  • Default Security tab. On the Default Launch Permissions frame click on Edit Default… button, click on Add and add the following users (Allow Launch):
    • Interactive
    • PC1/Administrators
    • System
  • Default Security tab. On the Default Configuration Permissions frame, click on Edit Default… button, click on Add and add the following users:
    • Rebat Hiary
    • Everyone
    • System
    • Creator Owner
    • PC1/Power Users
    • PC1/Administrators
  • (VERY IMPORTANT) Delete the EXE component from client machine.

Notes:

  • If the above steps didn't work with you, you can make the following as extra steps:
    • Generate the Proxy/Stub DLL.
    • Register it on both machines, PC1 and PC2.
  • If you found that these steps are missing something important, please, inform me just to update this article.
  • Warning! Playing with DCOMCNFG tool incorrectly, might harm your machine.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

About the Author

Shadi Al-Kahwaji



Jordan Jordan

Member

Article Top
 
Sign Up to vote   Poor Excellent
Add a reason or comment to your vote: x
Votes of 3 or less require a comment

Comments and Discussions

 
You must Sign In to use this message board. (secure sign-in)
 
Search this forum  
 FAQ
    Noise  Layout  Per page   
  RefreshFirst Prev Next
GeneralInterface Not Supported PinsussEduardoAmorim5:26 31 Mar '05  
GeneralError 70: Permission Denied PinsussAnonymous23:18 9 Sep '03  
Generalpermission denied and clas not registered Pinsussborisoto11:35 22 Aug '02  
GeneralRe: permission denied and clas not registered PinmemberMember 320912617:54 15 Jan '09  
GeneralClass Not Registered. PinmemberAnderson Haertel Rodrigues9:11 21 May '02  
GeneralRe: Class Not Registered. PinsussBorisoto11:13 22 Aug '02  
Generalsecurity PinmemberHaresh21:37 2 May '02  
GeneralRegistering DCOM Object PinmemberJaywalker9:32 15 Mar '02  
GeneralAccess Denied PinmemberRashid Thadha0:50 8 Oct '01  
GeneralRe: Access Denied PinmemberShadi Al-Kahwaji0:53 8 Oct '01  
Last Visit: 15:07 24 May '12     Last Update: 11:07 24 May '12 1

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Mobile
Web02 | 2.5.120517.1 | Last Updated 8 Oct 2001
Article Copyright 2001 by Shadi Al-Kahwaji
Everything else Copyright © CodeProject, 1999-2012
Terms of Use
Layout: fixed | fluid

The Code Project Insider. Free each morning.
Client/Server connection using DCOM, with anonymous access
WCF Service Behavior Example: IPFilter - Allow/Deny Access by IP Address
DCOM D-Mystified: A DCOM Tutorial, Step 5
DCOM D-Mystified: A DCOM Tutorial, Step 6
DCOM D-Mystified: A DCOM Tutorial, Step 1
DCOM D-Mystified: A DCOM Tutorial, Step 7
Offset weaknesses of DCOM with strong points of socket
DCOM D-Mystified: A DCOM Tutorial, Step 2
DCOM Transport
DCOM D-Mystified: A DCOM Tutorial, Step 4
DCOM D-Mystified: A DCOM Tutorial, Step 3
How to Programmatically add IP Addresses to IIS's Deny Access List using C# and WMI
DCOM D-Mystified.NET 2003: A DCOM Tutorial, Step 5
DCOM D-Mystified.NET 2003: A DCOM Tutorial, Step 2
DCOM D-Mystified.NET 2003: A DCOM Tutorial, Step 1
Bringing DCOM remoting functionality to Windows CE and .NET CF2.0
DCOM D-Mystified: Questions and Answers
DCOM D-Mystified.NET 2003: A DCOM Tutorial, Step 3
DCOM D-Mystified.NET 2003: A DCOM Tutorial, Step 4
Passing C++ classes across DCOM