Hi,
I have to edit the security permission of DCOM over windows 2003.
Requirement is to add the "administrators" and a another local group to "Access permission" and "Launch Parmission" of DCOM on the machine.
I have a script doing this but that is for Windows 98 or NT. so Object creation is failing over windows 2003.


Here is the Script, but it is failing at create object line using prog id "DCOMSecConfig.Configure".
Please suggest.
==============================

Set oSystem = CreateObject("SPSystem.System")
strServer = oSystem.ComputerName
strDomain = GetDomain(strServer)

On error Resume Next

' UserIdentity "FCSObjectBrokerA.Remote", strDomain & "\wsosystem", "Password" '- changed for Win2K
UserIdentity "FCSObjectBrokerA.Remote", strServer & "\wsosystem", "Password"

permission "FCS.IDSever"
permission "FCSDEO.Processor"
permission "FCS.IDServer"
permission "FCSObjectBrokerA.Remote"

' MsgBox "Finished configuring Dcom servers for Wall Street Office"


Sub permission ( application )

Dim principals(3)
Dim configure

' Array of users / groups to permission servers for.
principals(0) = "wsoSystem"
principals(1) = "Administrator"
principals(2) = "WSOUsers"

Set configure = CreateObject("DCOMSecConfig.Configure")

' Set launch permissions and access permissions
configure.SetLaunchPermissions application, principals
configure.SetAccessPermissions application, principals

End sub

Sub UserIdentity ( application, strDomUsr, strUsrPass )

Set configure = CreateObject("DCOMSecConfig.Configure")

' Set "run as" identity.
configure.SetServerIdentity application, strDomUsr, strUsrPass

End sub

Function GetDomain(strServer)
' v1.00

Dim objServer
Set objServer = GetObject("WinNT://" & strServer)
GetDomain = Mid(objServer.Parent, InStrRev(objServer.Parent, "/") + 1)

End Function
====================================

Thanks in Advance.


Cheers
Jimit
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
I guessing the progid of DCOMSecConfig.Configure doesn't actually exist on your system. This is most probably a custom DLL that was implemented on your older systems.

Take a look at http://www.brent-hunter.com/tools/dcomsecurity/default.asp and let me know if this is what you want...
Answered 03/01/2006 by: brenthunter2005
Fifth Degree Brown Belt

Please log in to comment
0
Hi,

Thanks for the reply. I got the script and respective rpogid to accoplish the requirements.
Any suggetion how to add the username & password in Identity tab of DCOM.
I mean to say how to make DCOM run in specific user & configure it with that user.
Have a look to attached bmp for the requirement.
Also would like to know how i can get "DCOM_COMSeciruty.exe".

Thanks in Advance.

Cheers
Jimit
Answered 03/01/2006 by: jimehta
Senior Yellow Belt

Please log in to comment
0
Hello,

This is a utility I wrote last year when I came up against this same problem.

Let me see how much work there is to update my utility to be able to add a user to the Identity tab......
Answered 03/01/2006 by: brenthunter2005
Fifth Degree Brown Belt

Please log in to comment
0
Hi
how i can get that utility to update the Launch permission & Access permission of DCOM.


Cheers
Jimit
Answered 03/03/2006 by: jimehta
Senior Yellow Belt

Please log in to comment
0
The easiest way (without using any utilities) is simply to write the corresponding "REG_BINARY" registry keys:

HKCR\AppID\{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}\AccessPermission
HKCR\AppID\{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}\LaunchPermission
Answered 03/10/2006 by: WiseUser
Fourth Degree Brown Belt

Please log in to comment
0
hi,
i have the similar req.
can you help me in this respect........
Answered 09/16/2008 by: vai14sri
Yellow Belt

Please log in to comment
0
Answered 09/17/2008 by: brenthunter2005
Fifth Degree Brown Belt

Please log in to comment
0
ORIGINAL: vai14sri
i have the similar req.
can you help me in this respect
How about DCOMPERM, from the Platform SDK? Or there's a script-friendly control here http://izzy.org/Scripts/Public/VBScripts/Misc/DCOM/docs/dcomperm.htm
Answered 09/17/2008 by: VBScab
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity