SAS 9.1.3 Integration Technologies » Administrator's Guide (LDAP Version)

Setting up a COM/DCOM Server
Server and Client Requirements
Summary of Setup Steps
Metadata Overview
Creating the Metadata for a COM/DCOM Server
Using the IT Administrator Wizard
Using IT Administrator
Using a Configuration File
Configuration File Example: Minimal Configuration
Configuration File Example: Using Logical Names
Enabling DCOM on the Server and the Client
Configuring SAS for DCOM
Setting SAS Permissions on the Server
Global on Windows NT/2000
Per Application on Windows NT/2000
Global on Windows XP / Server 2003
Per Application on Windows XP / Server 2003
Configuring DCOM on Windows XP SP2 / Server 2003 SP1
Configuring COM/DCOM for Active Server Page Access
Accessing a Local COM Server from an Active Server Page
Accessing a DCOM Server from an Active Server Page
Administering the Server:
Using the IT Configuration Application
Troubleshooting
Reference Materials
AppIDs for Configuring DCOM
Object Server Parameters
Attributes for Servers
Attributes for Logical Names
COM/DCOM

Setting Default COM Security on Windows XP and Windows Server 2003

Note: This topic does not apply to Windows XP Service Pack 2 and later. See Configuring DCOM on Windows XP Service Pack 2.

Default COM security affects all COM applications that do not have launch permissions of their own.

  • If authentication is used, client machines that receive events from a DCOM server must include "Everyone" in the default access permissions.
  • If authentication is not used, client machines must specify "None" in the default access permissions.

To set default COM security:

  1. From the Windows taskbar, click Start Run.

  2. Type dcomcnfg and click OK. The Component Services window appears.

    Component Services

  3. Expand the Component Services folder and expand the Computers folder. Right-click the My Computer folder and select Properties.

  4. Select the Default COM Security tab.

    DCOMCNFG Default Security Dialog

  5. From the Default COM Security tab, you must edit the Access Permissions and the Launch Permissions. For details, see the following topics:

Global Access Permissions

To set global access policies for selected users and groups from the Default COM Security tab of dcomcnfg:

  1. In the Access Permissions box, click Edit Default. The following dialog box appears, showing current registry settings for the Access Permissions:

    DCOMCNFG Default Permissions Dialog

  2. To add users and groups to the list, click Add. The Select Users, Computers, or Groups dialog box appears.

    Select Users, Computers, or Groups

  3. Use the Select Users, Computers, or Groups dialog box to identify the users and groups at your site and the type of access (allow or deny access). You should also give access permission to System. For field descriptions, refer to the Windows Help. When you are finished, click OK and then OK again to return to the Default COM Security tab.

Global Launch Permissions

To set global launch permissions for selected users and groups from the Default COM Security tab of dcomcnfg:

  1. In the Launch Permissions box, click Edit Default. The following dialog box appears, showing the current registry settings for Launch Permissions.

    Default Launch Permissions

  2. Click Add to add users and groups to the list. The following dialog box appears.

    Select Users, Computers, or Groups

  3. Use the Select Users, Computers, or Groups dialog box to identify users and groups at your site and the type of access (allow or deny launch access). It is recommended that you enter the same values that you entered for the Access Permissions. You should also give launch permission to System. When you are finished, click OK and then OK again to return to the Default COM Security tab.