/build/static/layout/Breadcrumb_cap_w.png

Automating DCOMCNFG

Hi There all,

I've done extensive googling looking for a tool/script/anything to help
me do this to no avail...

What I need is a script/tool/utility that will automate the following
steps for me...

Open dcomcnfg
Go To Component Services/Computers
Right Click on My Computer, select Properties
Click on Default Com Security tab, and under "Access Permissions",
click "Edit Default"
Add a new user and close.

I know this maps to the
HKLM\Software\Microsoft\OLE\DefaultAccessPermissions Key but I can't
figure out how to add/remove to the encoded ACL in there... can anyone
help?

I need to add it as a custom action in a package I'm creating (as well as adding a new user, setting various other security settings all over the place, I've got those sorted just this one left).

Rgds

Paul

0 Comments   [ + ] Show comments

Answers (9)

Posted by: brenthunter2005 18 years ago
Fifth Degree Brown Belt
2
This can be done using VBScripting and WMI.

Google for: wmi Win32_DCOMApplicationSetting
Posted by: kkaminsk 19 years ago
9th Degree Black Belt
0
Look into dcomperm.exe. I never found a good reference to the command line switches but it will configure security settings from the command line.
Posted by: plangton 19 years ago
Second Degree Blue Belt
0
Hey kkaminsk,

Yep I found lots of references to said dcomperm, but no download links other than a 160 meg source code package from MSDN that has heaps of other stuff in it that refuses to download from work - any help as to where to get it from?

Thanks

Paul
Posted by: kkaminsk 19 years ago
9th Degree Black Belt
0
Well it should be available here http://www.iapetus.com/dcom/dcomtool.htm but it appears to be offline. I used it at a previous client site so I might be able to get a copy from there but it looks like this will be a fun one to track down.
Posted by: plangton 19 years ago
Second Degree Blue Belt
0
Hi kkaminsk,

Yep I saw that too, was hoping google would have a cache of it but sadly, no luck. Man its hard sometimes, cant do this through WMI/vbscript you think?? I'll have a play around and post my results :)

Rgds

Paul
Posted by: plangton 19 years ago
Second Degree Blue Belt
0
Well I've FINALLY downloaded the source code but of course no one has a copy of Visual C++ handy - anyone feel like compiling this for me please??? :)
Posted by: plangton 18 years ago
Second Degree Blue Belt
0
Wow, you can too, I searched MSDN thinking there must be a way but obviously I didn't look hard enough, thanks for that BrentHunter - though that dcomperm.exe also does the job just fine, this is much more useful!

*edit* actually, that class doesn't let you change apparently
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/win32_dcomapplicationsetting.asp
States that all the values are read only

And the following links seem to back that up...
(http://groups.google.com.au/group/microsoft.public.win32.programmer.wmi/browse_frm/thread/6cddf9ba463ac5/598ba01fa2cd22ba?lnk=st&q=Win32_DCOMApplicationSetting&rnum=1&hl=en#598ba01fa2cd22ba
http://groups.google.com.au/group/microsoft.public.win32.programmer.wmi/browse_frm/thread/c76db86d2d1dabae/0a3e0c9711b7063a?lnk=st&q=Win32_DCOMApplicationSetting&rnum=5&hl=en#0a3e0c9711b7063a

Looks like you can only echo whats already there... bummer

Unless I've read this wrong?

Rgds

Paul
Posted by: brenthunter2005 18 years ago
Fifth Degree Brown Belt
0
bugger. [:(]
Posted by: AngelD 18 years ago
Red Belt
0
Maybe this could help you http://cwashington.netreach.net/depo/view.asp?Index=1067&ScriptType=vbscript
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ