hey everyone gone off to join _Net ?

arun
ps: i cant be adding the logged on user into the roles -
Copies of the same process running in the same machine
are supposed to connect to the MTS using diff identities

----- Original Message -----
From: "Pratyu M" <pratyu22YAHOO.COM>
To: <DCOMDISCUSS.MICROSOFT.COM>
Sent: Friday, March 15, 2002 6:10 PM
Subject: Re: caller identification and local proxies in win2k -
E_ACCESSDENIED in CoGetClassObject

> Hi,
>
> I just did a little expt. It seems that CoInitializeSecurity fails if
> client and server are on the same machine. The credentials of logged on
> user are passed on instead.
>
> So I guess, in your case, if you add the logged on user to roles, things
> will work fine.
>
> Will anyone kindly explain why CoInitSec fails if both client and server
> are on same machine?
>
>
>
> On Fri, 15 Mar 2002 13:26:44 +0530, ArunKumar <akumarOMNESYSINDIA.COM>
> wrote:
>
> >Well i tried passing login info abt an application role member in the
> >COAUTHINFO
> >of CoCreateInstance also ( not the currently logged in user) - its the
same
> >result
> >
> >Client is able to contact the server in the sense that E_ACCESSDENIED is
> >returned
> >and not server unavailable etc - is that what u meant ?
> >
> >arun
> >
> >ps:Launch permissions are set either using machine wide DCOM settings
> >(Everyone in my case) or applications specific using role settings right
?
> >
> >
> >----- Original Message -----
> >From: "Pratyu M" <pratyu22YAHOO.COM>
> >To: <DCOMDISCUSS.MICROSOFT.COM>
> >Sent: Friday, March 15, 2002 11:45 AM
> >Subject: Re: caller identification and local proxies in win2k -
> >E_ACCESSDENIED in CoGetClassObject
> >
> >
> >> My understanding of the problem is that the logged in user doesnot have
> >> launch permission. In that case, you must pass a different user
> credential
> >> in the COAUTHINFO structure of COSERVERINFO in CoCreateInstanceEx and
> this
> >> user should have launch permission.
> >>
> >> Now if that is the case, the client should be able to contact server
> >> (without passing coauthinfo) if the server is launched before client.
is
> >> this happening?
> >>
> >>
> >> On Fri, 15 Mar 2002 11:23:05 +0530, ArunKumar <akumarOMNESYSINDIA.COM>
> >> wrote:
> >>
> >> >hi
> >> >
> >> >I want to set a differnt caller identification other than the
> >> process/thread token
> >> >- it works REMOTELY using CoInitializeSecurity with the correct
> pAuthList
> >> parameter
> >> >
> >> >Now i want to do the same with the process running LOCALLY on a w2k
> >machine
> >> >and iam not able to do it due to E_ACCESSDENIED error from
> >CogetClassObject
> >> >
> >> >Setup - w2k
> >> > Iam running my COM+ package under a particulr identity (This User)
> >> > I have set security enabled and all the roles correctly
> >> > I have also enabled all the interfaces and methods explicitly for
> ALL
> >> the roles
> >> > The current logged in user is an account that is not member of any
> of
> >> these roles OR the This user id
> >> > ACLS for the DLLS are set with full control to Everyone ( TIp from
> >> Dcom Archives)
> >> > And the default Access/Launch permission for DCOM also has the
> >Evryone
> >> in its list( TIp from Dcom Archives)
> >> > I call CoInitializeSecurity as mentioned previously with security
> >> parameter set to one of the role logins
> >> > i tried it with EOAC_NONE & EOAC_STATIC_CLOAKING also - same
> >result
> >> >
> >> >
> >> >Result
> >> > I get E_ACCESSDENIED from CogetClassObject
> >> > Security audit logs say accessdenied for the currently login user
> for
> >> lauching th package
> >> > If i remove the reuires security setting from the COM+ package it
> >> works
> >> >
> >> >
> >> >Obviously the identity i want to be set on the proxies is not being
> >done -
> >> Iam ready to call
> >> >CoSetproxyBlanket or wahetever on the inetrfaces i recieve but if i
cant
> >> even get the
> >> >CoGtClassobject to work then how do i go abt it ?
> >> >
> >> >
> >> >if its not possible using CoInitializeSecurity i have no probs
changing
> >> the identification token for
> >> >my whole process as such also - a sample code would be of great help -
> >> >
> >> >
> >> >Thanks for all comments in advance
> >> >arun
> >> >
> >> >----------------------------------------------------------------
> >> >Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> >> >contains important info. Save time, search the archives at
> >> >http://discuss.microsoft.com/archives/index.html .
> >> >To unsubscribe, mailto:DCOM-signoff-requestDISCUSS.MICROSOFT.COM
> >>
> >> ----------------------------------------------------------------
> >> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> >> contains important info. Save time, search the archives at
> >> http://discuss.microsoft.com/archives/index.html .
> >> To unsubscribe, mailto:DCOM-signoff-requestDISCUSS.MICROSOFT.COM
> >>
> >
> >----------------------------------------------------------------
> >Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> >contains important info. Save time, search the archives at
> >http://discuss.microsoft.com/archives/index.html .
> >To unsubscribe, mailto:DCOM-signoff-requestDISCUSS.MICROSOFT.COM
>
> ----------------------------------------------------------------
> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> contains important info. Save time, search the archives at
> http://discuss.microsoft.com/archives/index.html .
> To unsubscribe, mailto:DCOM-signoff-requestDISCUSS.MICROSOFT.COM

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:DCOM-signoff-requestDISCUSS.MICROSOFT.COM

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]