RE: COM+ with ASP web site on W2K3
From: Douglas Schlenker (Douglas.Schlenker_at_RoyalRoads.ca)
Date: 08/25/04
- Previous message: Matthew.van.Eerde_at_hbinc.com: "RE: Signed Email w/Exchange 2003, Windows 2003 PKI"
- Maybe in reply to: Dominic Cadorette: "COM+ with ASP web site on W2K3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: focus-ms@securityfocus.com Date: Wed, 25 Aug 2004 08:05:28 -0700
Hi Dominic,
I recently went through the same task as you, and had the same problems.
After spending a great deal of time researching all of the different
solutions and being unable to fix the problem, I ended up going into
Component Services, opening the properties on the COM+ Application, and
disabling the "Enforce access checks for this application" under the
security tab.
Hope that helps,
Douglas Schlenker
-----Original Message-----
From: Pawel.Janowski@bremultibank.com.pl
[mailto:Pawel.Janowski@bremultibank.com.pl]
Sent: August 23, 2004 7:28 AM
To: dominiccadorette@videotron.ca; focus-ms@securityfocus.com
Subject: RE: COM+ with ASP web site on W2K3
See in Component Services -> Creator Owner Must be "IUSR_ComputerName"
With Regards from Poland
Pawel Janowski
www.sunrise-tm.com
-----Original Message-----
From: Dominic Cadorette [mailto:dominiccadorette@videotron.ca]
Sent: Monday, August 23, 2004 1:35 AM
To: focus-ms@securityfocus.com
Subject: COM+ with ASP web site on W2K3
Dear list members,
I have a project with Windows 2003 (Enterprise). We have a COM+ application
and an ASP Web Site. The COM+ application needs to access to different DBs.
The application works fine on Windows 2000 SP4. But I installed it on a
Windows 2003 machine and I have the message "Access Denied" in my ASP page
at the line where I call the DLL included in my COM+ application. I saw in
the Application Event Log that IUser_WebServer was denied to access my COM+
application.
I made some research on the Net and I found a way to do it by adding a role
in my COM+ application for my IUser_WebServer user. After I added this
role, it works fine.
However, I was wondering if it is a security issue to do it that way. If
yes, how should I do it?
Any help or comments would be appreciated.
Thanks,
Dominic
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Matthew.van.Eerde_at_hbinc.com: "RE: Signed Email w/Exchange 2003, Windows 2003 PKI"
- Maybe in reply to: Dominic Cadorette: "COM+ with ASP web site on W2K3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
