Re: Workgroup -> Domain DCOM

From: Jonas Blunck (jonas.blunckBLUNCK.INFO)
Date: Thu Jun 19 2003 - 02:58:28 CDT


I guess you all know where to find it, but if some of you don't, here is
the URL for K Brown's FAQ:

http://www.develop.com/kbrown/com/secfaq.htm

// Jonas

-----Original Message-----
From: Distributed COM-Based Code [mailto:DCOMDISCUSS.MICROSOFT.COM] On
Behalf Of Phil Reynolds
Sent: den 18 juni 2003 16:35
To: DCOMDISCUSS.MICROSOFT.COM
Subject: Re: Workgroup -> Domain DCOM

Allowing "everyone" access is not the same as allowing "anonymous"
authentication. With "everyone" DCOM will still need to authenticate
whoever is connecting, hence the need to have the same name/password on
a non-trusted machine.

Check out Keith Brown's Security FAQ for details of doing DCOM
anonymously.

-----Original Message-----
From: Lewis Jones [mailto:Lewis.JonesONBASE.COM]
Sent: 18 June 2003 15:29
To: DCOMDISCUSS.MICROSOFT.COM
Subject: [DCOM] Workgroup -> Domain DCOM

System A: Laptop with Win2K, on a workgroup, acting as a client DCOM
system. System B: Desktop with Win2K on a domain, acting as a server
DCOM system.

After busting down access permissions to allow everyone, my
mother-in-law, the Taliban, and John Gotti access to the DCOM server,
System A was still getting the infamous "Access is Denied" error.

I remembered a bit about how, if the server and client systems use the
same named accounts and these accounts have the same password, it provides
a way for this to work, so I created a local account on System A that
matched username and password with the DOMAIN account used on System B.
Still, no go with a 0x80070005...

Finally, I created a LOCAL account of the same name and password on
System B. That did the trick, and connection ensued...

So, the question to the esteemed people here: Is this the only way to
make a workgroup -> domain DCOM connection work?

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html . To unsubscribe,
mailto:DCOM-signoff-requestDISCUSS.MICROSOFT.COM
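
The three attempts described in the thread can be replayed against a simplified model of how a domain-member server chooses the account database for an NTLM logon. This is an added example, not code from the thread or from Windows; the machine, domain and account names are constructed, and the plain password comparison stands in for the real challenge/response exchange.

```python
# Simplified model (an assumption, not Windows code) of how a domain-member
# server picks the account database for an incoming NTLM logon.
from dataclasses import dataclass, field

@dataclass
class Server:
    name: str                       # machine name, also the local SAM "domain"
    primary_domain: str             # domain the machine is joined to
    trusted: set = field(default_factory=set)
    local_sam: dict = field(default_factory=dict)    # user -> password
    domain_db: dict = field(default_factory=dict)    # stands in for the DC

    def logon(self, domain, user, password):
        """Return (result, database consulted) for supplied credentials."""
        d = domain.upper()
        if d == self.primary_domain or d in self.trusted:
            db, where = self.domain_db, "domain controller"
        else:
            # Own machine name, or a name the domain does not trust (e.g. a
            # workgroup client's machine name): only the local SAM is checked.
            db, where = self.local_sam, "local SAM"
        ok = db.get(user.lower()) == password
        return ("granted" if ok else "0x80070005 access denied", where)

def replay_thread():
    """Replay the three attempts from the thread with constructed names."""
    b = Server("DESKTOP-B", "CORP", domain_db={"dcomuser": "pw1"})
    results = []
    # 1. Laptop user has no counterpart anywhere on System B.
    results.append(b.logon("LAPTOP-A", "someone", "x"))
    # 2. Local account on A matches the DOMAIN account used on B.
    results.append(b.logon("LAPTOP-A", "dcomuser", "pw1"))
    # 3. A LOCAL account with the same name/password is created on B.
    b.local_sam["dcomuser"] = "pw1"
    results.append(b.logon("LAPTOP-A", "dcomuser", "pw1"))
    return results

if __name__ == "__main__":
    for n, (result, where) in enumerate(replay_thread(), 1):
        print(f"attempt {n}: {result} (checked {where})")
```

In the model the workgroup client's domain name is never one the server's domain trusts, so the domain account is not consulted. A mirrored local account on the server is accepted from any host that presents the same name and password, so it needs a strong, unique password.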
