COM/DCOM
Accessing a Local COM IOM Server from an Active Server PageWhen you access a local COM IOM server from an Active Server Page (ASP), SAS and Internet Information Services (IIS) are
both installed on the same machine. To configure local COM IOM in an ASP, you must ensure that the user who is launching the process has the proper permissions. Follow the configuration instructions to configure permissions either for Windows NT 4, or for Windows 2000 and XP. Configuring Windows NT4 with IIS to Access a Local COM IOM ServerIn IIS 4, the System account owns the IIS process and all of its child processes. When the local
COM IOM server launches through an active server page (ASP), the launching user is identified as the
System account. Use dcomcnfg to verify that the System account has launch and access permissions
for the SAS.Workspace (SAS Version 9.1) application.
Configuring Windows 2000 or XP with IIS to Access a Local COM IOM ServerIn IIS 5, all processes, both pooled and isolated, are now COM+ Applications. For this reason, you must configure an additional level of security and add different users to the access and launch permissions for the SAS.Workspace (SAS Version 9.1) application. For more details, refer to Configuring Windows 2000 or XP with IIS 5 Remote DCOM and COM+ Settings. There are two different types of authentication, Anonymous Access and Basic Authentication. Note: If you are using Windows XP as your Web server platform, it is recommended that you use Basic Authentication instead of Anonymous Access.Anonymous AccessEnabling anonymous access allows all inbound Web clients to use the identity of the IUSR_<machine name> user. The IWAM_<machine name> user launches the IIS process. Therefore, you must configure the following security permissions:
where <machine name> is the name of your machine or a slight variation. These users are part of the \\<machine name>* domain and will appear if you click Show Users. By default, the IUSR_<machine name> and IWAM_<machine name> users have launch permissions for all DCOM applications. However, use dcomcnfg to verify that the launch permissions are properly configured.
Basic AuthenticationNote: This configuration also works for Integrated Windows authentication. For basic authentication, all inbound Web clients must authenticate as a specific user in order to gain access to the Web page. The following security options must be configured:
By default, the IWAM_<machine name> has launch permissions for all DCOM applications. However, use dcomcnfg to verify that the launch permissions are properly configured.
|