DCOM Security editing script for Windows 2003
Hi,
I have to edit the security permission of DCOM over windows 2003.
Requirement is to add the "administrators" and a another local group to "Access permission" and "Launch Parmission" of DCOM on the machine.
I have a script doing this but that is for Windows 98 or NT. so Object creation is failing over windows 2003.
Here is the Script, but it is failing at create object line using prog id "DCOMSecConfig.Configure".
Please suggest.
==============================
Set oSystem = CreateObject("SPSystem.System")
strServer = oSystem.ComputerName
strDomain = GetDomain(strServer)
On error Resume Next
' UserIdentity "FCSObjectBrokerA.Remote", strDomain & "\wsosystem", "Password" '- changed for Win2K
UserIdentity "FCSObjectBrokerA.Remote", strServer & "\wsosystem", "Password"
permission "FCS.IDSever"
permission "FCSDEO.Processor"
permission "FCS.IDServer"
permission "FCSObjectBrokerA.Remote"
' MsgBox "Finished configuring Dcom servers for Wall Street Office"
Sub permission ( application )
Dim principals(3)
Dim configure
' Array of users / groups to permission servers for.
principals(0) = "wsoSystem"
principals(1) = "Administrator"
principals(2) = "WSOUsers"
Set configure = CreateObject("DCOMSecConfig.Configure")
' Set launch permissions and access permissions
configure.SetLaunchPermissions application, principals
configure.SetAccessPermissions application, principals
End sub
Sub UserIdentity ( application, strDomUsr, strUsrPass )
Set configure = CreateObject("DCOMSecConfig.Configure")
' Set "run as" identity.
configure.SetServerIdentity application, strDomUsr, strUsrPass
End sub
Function GetDomain(strServer)
' v1.00
Dim objServer
Set objServer = GetObject("WinNT://" & strServer)
GetDomain = Mid(objServer.Parent, InStrRev(objServer.Parent, "/") + 1)
End Function
====================================
Thanks in Advance.
Cheers
Jimit
I have to edit the security permission of DCOM over windows 2003.
Requirement is to add the "administrators" and a another local group to "Access permission" and "Launch Parmission" of DCOM on the machine.
I have a script doing this but that is for Windows 98 or NT. so Object creation is failing over windows 2003.
Here is the Script, but it is failing at create object line using prog id "DCOMSecConfig.Configure".
Please suggest.
==============================
Set oSystem = CreateObject("SPSystem.System")
strServer = oSystem.ComputerName
strDomain = GetDomain(strServer)
On error Resume Next
' UserIdentity "FCSObjectBrokerA.Remote", strDomain & "\wsosystem", "Password" '- changed for Win2K
UserIdentity "FCSObjectBrokerA.Remote", strServer & "\wsosystem", "Password"
permission "FCS.IDSever"
permission "FCSDEO.Processor"
permission "FCS.IDServer"
permission "FCSObjectBrokerA.Remote"
' MsgBox "Finished configuring Dcom servers for Wall Street Office"
Sub permission ( application )
Dim principals(3)
Dim configure
' Array of users / groups to permission servers for.
principals(0) = "wsoSystem"
principals(1) = "Administrator"
principals(2) = "WSOUsers"
Set configure = CreateObject("DCOMSecConfig.Configure")
' Set launch permissions and access permissions
configure.SetLaunchPermissions application, principals
configure.SetAccessPermissions application, principals
End sub
Sub UserIdentity ( application, strDomUsr, strUsrPass )
Set configure = CreateObject("DCOMSecConfig.Configure")
' Set "run as" identity.
configure.SetServerIdentity application, strDomUsr, strUsrPass
End sub
Function GetDomain(strServer)
' v1.00
Dim objServer
Set objServer = GetObject("WinNT://" & strServer)
GetDomain = Mid(objServer.Parent, InStrRev(objServer.Parent, "/") + 1)
End Function
====================================
Thanks in Advance.
Cheers
Jimit
0 Comments
[ + ] Show comments
Answers (8)
Please log in to answer
Posted by:
brenthunter2005
18 years ago
I guessing the progid of DCOMSecConfig.Configure doesn't actually exist on your system. This is most probably a custom DLL that was implemented on your older systems.
Take a look at http://www.brent-hunter.com/tools/dcomsecurity/default.asp and let me know if this is what you want...
Take a look at http://www.brent-hunter.com/tools/dcomsecurity/default.asp and let me know if this is what you want...
Posted by:
jimehta
18 years ago
Hi,
Thanks for the reply. I got the script and respective rpogid to accoplish the requirements.
Any suggetion how to add the username & password in Identity tab of DCOM.
I mean to say how to make DCOM run in specific user & configure it with that user.
Have a look to attached bmp for the requirement.
Also would like to know how i can get "DCOM_COMSeciruty.exe".
Thanks in Advance.
Cheers
Jimit
Thanks for the reply. I got the script and respective rpogid to accoplish the requirements.
Any suggetion how to add the username & password in Identity tab of DCOM.
I mean to say how to make DCOM run in specific user & configure it with that user.
Have a look to attached bmp for the requirement.
Also would like to know how i can get "DCOM_COMSeciruty.exe".
Thanks in Advance.
Cheers
Jimit
Posted by:
brenthunter2005
18 years ago
Hello,
This is a utility I wrote last year when I came up against this same problem.
Let me see how much work there is to update my utility to be able to add a user to the Identity tab......
This is a utility I wrote last year when I came up against this same problem.
Let me see how much work there is to update my utility to be able to add a user to the Identity tab......
Posted by:
jimehta
18 years ago
Hi
how i can get that utility to update the Launch permission & Access permission of DCOM.
Cheers
Jimit
how i can get that utility to update the Launch permission & Access permission of DCOM.
Cheers
Jimit
Posted by:
WiseUser
18 years ago
The easiest way (without using any utilities) is simply to write the corresponding "REG_BINARY" registry keys:
HKCR\AppID\{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}\AccessPermission
HKCR\AppID\{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}\LaunchPermission
HKCR\AppID\{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}\AccessPermission
HKCR\AppID\{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}\LaunchPermission
Posted by:
vai14sri
15 years ago
hi,
i have the similar req.
can you help me in this respect........
i have the similar req.
can you help me in this respect........
Posted by:
brenthunter2005
15 years ago
You can find the utility here: http://www.brent-hunter.com/tools/DCOM_COMSecurity/DCOM_COMSecurity.exe
Posted by:
anonymous_9363
15 years ago
ORIGINAL: vai14sriHow about DCOMPERM, from the Platform SDK? Or there's a script-friendly control here http://izzy.org/Scripts/Public/VBScripts/Misc/DCOM/docs/dcomperm.htm
i have the similar req.
can you help me in this respect
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.