OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: ArunKumar (akumarOMNESYSINDIA.COM)
Date: Thu Mar 14 2002 - 23:53:05 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    hi

    I want to set a differnt caller identification other than the process/thread token
    - it works REMOTELY using CoInitializeSecurity with the correct pAuthList parameter

    Now i want to do the same with the process running LOCALLY on a w2k machine
    and iam not able to do it due to E_ACCESSDENIED error from CogetClassObject

    Setup - w2k
        Iam running my COM+ package under a particulr identity (This User)
        I have set security enabled and all the roles correctly
        I have also enabled all the interfaces and methods explicitly for ALL the roles
        The current logged in user is an account that is not member of any of these roles OR the This user id
        ACLS for the DLLS are set with full control to Everyone ( TIp from Dcom Archives)
        And the default Access/Launch permission for DCOM also has the Evryone in its list( TIp from Dcom Archives)
        I call CoInitializeSecurity as mentioned previously with security parameter set to one of the role logins
            i tried it with EOAC_NONE & EOAC_STATIC_CLOAKING also - same result

    Result
        I get E_ACCESSDENIED from CogetClassObject
        Security audit logs say accessdenied for the currently login user for lauching th package
        If i remove the reuires security setting from the COM+ package it works

    Obviously the identity i want to be set on the proxies is not being done - Iam ready to call
    CoSetproxyBlanket or wahetever on the inetrfaces i recieve but if i cant even get the
    CoGtClassobject to work then how do i go abt it ?

    if its not possible using CoInitializeSecurity i have no probs changing the identification token for
    my whole process as such also - a sample code would be of great help -

    Thanks for all comments in advance
    arun

    ----------------------------------------------------------------
    Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
    contains important info. Save time, search the archives at
    http://discuss.microsoft.com/archives/index.html .
    To unsubscribe, mailto:DCOM-signoff-requestDISCUSS.MICROSOFT.COM