Scripting Question

DCOM Security editing script for Windows 2003

02/28/2006 10730 views
I have to edit the security permission of DCOM over windows 2003.
Requirement is to add the "administrators" and a another local group to "Access permission" and "Launch Parmission" of DCOM on the machine.
I have a script doing this but that is for Windows 98 or NT. so Object creation is failing over windows 2003.

Here is the Script, but it is failing at create object line using prog id "DCOMSecConfig.Configure".
Please suggest.

Set oSystem = CreateObject("SPSystem.System")
strServer = oSystem.ComputerName
strDomain = GetDomain(strServer)

On error Resume Next

' UserIdentity "FCSObjectBrokerA.Remote", strDomain & "\wsosystem", "Password" '- changed for Win2K
UserIdentity "FCSObjectBrokerA.Remote", strServer & "\wsosystem", "Password"

permission "FCS.IDSever"
permission "FCSDEO.Processor"
permission "FCS.IDServer"
permission "FCSObjectBrokerA.Remote"

' MsgBox "Finished configuring Dcom servers for Wall Street Office"

Sub permission ( application )

Dim principals(3)
Dim configure

' Array of users / groups to permission servers for.
principals(0) = "wsoSystem"
principals(1) = "Administrator"
principals(2) = "WSOUsers"

Set configure = CreateObject("DCOMSecConfig.Configure")

' Set launch permissions and access permissions
configure.SetLaunchPermissions application, principals
configure.SetAccessPermissions application, principals

End sub

Sub UserIdentity ( application, strDomUsr, strUsrPass )

Set configure = CreateObject("DCOMSecConfig.Configure")

' Set "run as" identity.
configure.SetServerIdentity application, strDomUsr, strUsrPass

End sub

Function GetDomain(strServer)
' v1.00

Dim objServer
Set objServer = GetObject("WinNT://" & strServer)
GetDomain = Mid(objServer.Parent, InStrRev(objServer.Parent, "/") + 1)

End Function

Thanks in Advance.

0 Comments   [ + ] Show comments


Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

All Answers

I guessing the progid of DCOMSecConfig.Configure doesn't actually exist on your system. This is most probably a custom DLL that was implemented on your older systems.

Take a look at http://www.brent-hunter.com/tools/dcomsecurity/default.asp and let me know if this is what you want...
Answered 03/01/2006 by: brenthunter2005
Fifth Degree Brown Belt


Thanks for the reply. I got the script and respective rpogid to accoplish the requirements.
Any suggetion how to add the username & password in Identity tab of DCOM.
I mean to say how to make DCOM run in specific user & configure it with that user.
Have a look to attached bmp for the requirement.
Also would like to know how i can get "DCOM_COMSeciruty.exe".

Thanks in Advance.

Answered 03/01/2006 by: jimehta
Senior Yellow Belt


This is a utility I wrote last year when I came up against this same problem.

Let me see how much work there is to update my utility to be able to add a user to the Identity tab......
Answered 03/01/2006 by: brenthunter2005
Fifth Degree Brown Belt

how i can get that utility to update the Launch permission & Access permission of DCOM.

Answered 03/03/2006 by: jimehta
Senior Yellow Belt

The easiest way (without using any utilities) is simply to write the corresponding "REG_BINARY" registry keys:

Answered 03/10/2006 by: WiseUser
Fourth Degree Brown Belt

i have the similar req.
can you help me in this respect........
Answered 09/16/2008 by: vai14sri
Yellow Belt


ORIGINAL: vai14sri
i have the similar req.
can you help me in this respect
How about DCOMPERM, from the Platform SDK? Or there's a script-friendly control here http://izzy.org/Scripts/Public/VBScripts/Misc/DCOM/docs/dcomperm.htm
Answered 09/17/2008 by: VBScab
Red Belt

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ