SAS 9.1.3 Integration Technologies » Server Administrator's Guide

Setting up a COM/DCOM Connection

Server and Client Requirements

Summary of Setup Steps

Planning Your Server Configuration Metadata

Standard Server Metadata

Creating Metadata Using SAS Management Console

	Defining Servers
	Modifying Servers
	Custom Workspace Servers
	OLAP Servers

Enabling DCOM on the Server and the Client

Configuring SAS for DCOM

Setting SAS Permissions on the Server

	Default on Windows NT/2000
	Per Application on Windows NT/2000
	Default on Windows XP Server 2003
	Per Application on Windows XP / Server 2003

Configuring DCOM on Windows XP SP2 / Server 2003 SP1

Configuring COM/DCOM for Active Server Page Access

	Accessing a Local COM IOM Server from an Active Server Page
	Accessing a Remote DCOM IOM Server from an Active Server Page

Administering the Server:

	Creating a Metadata Configuration File in SAS
	Using ITConfig
	Troubleshooting

Reference Materials

	AppIDs for Configuring DCOM
	Object Server Parameters
	Fields for the Server Definition

Prev | Next | Contents

COM/DCOM

Setting SAS Permissions on the Server (COM/DCOM)

Note: This topic does not apply to the following Windows environments: Windows XP Service Pack 2 and later, Windows Server 2003 Service Pack 1 and later. See Configuring DCOM on Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1.

On the machine where the server runs, you must identify who can access and launch the server. A client that needs services from a multi-user server, such as an OLAP server running as a Windows service, must have access permissions for that server. A client that needs a single user server, such as a workspace server, must have both access and launch permissions on the server application. These permissions are defined in terms of one or more Windows users or groups.

There are two ways to identify users and groups that have launch or access permission. One way is to define permissions that are specific to a server application. The other way is to specify them in the default permissions. The default permissions are used for server applications that do not have their own application-specific permissions. Because an arbitrary COM server could potentially have significant capabilities over the system, it is usually best to keep the default launch and access permission well restricted, for example, to Administrators and the System account. Granting access permissions to users and groups on a per-application basis allows those users to access a particular application without permitting them to use other COM servers that might be installed on the server machine.

Each particular server application has a name that is listed in DCOMCNFG. When executing as a COM server, the application identifies itself with an AppID, which is a UUID that identifies the application in the Windows registry. DCOMCNFG enables you to select the server application and update the Windows registry settings to control the security policy for that particular application. In SAS System 9, each type of IOM server has its own name, permission policy settings, and AppID. AppIDs for Configuring DCOM lists each of these.

These methods are discussed in the following sections: