Help needed for COM security on .Net

From: SSS (shwetshri@yahoo.com)
Date: 11/21/02 

From: shwetshri@yahoo.com (SSS)
Date: 21 Nov 2002 04:52:07 -0800

Hi,

Need help for DCOM security related problem.

I am having a problem in DCOM setup on .Net.
The code is built on Win2K with VC++ 6.0. On Win2K it works fine, but
when I run it on .Net it fails in CoRegisterClassObject().

Any help on this will be great!
Thanks in advance,
-S.

Here is the code snippet:

    SECURITY_DESCRIPTOR g_sd;

    hr = CoInitializeEx(NULL, COINIT_MULTITHREADED);
    if (FAILED(hr))
    {
        //log error
        return;
    }
    AllocateAndInitializeSid(&adminAuth, 2,
SECURITY_BUILTIN_DOMAIN_RID,
                    DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
&pAdminSid);

    if(!InitializeAcl(pAcl, aclSize, ACL_REVISION))
    {
        //log error
        return;
    }

    if (!AddAccessAllowedAce(pAcl,
                                ACL_REVISION,
                                COM_RIGHTS_EXECUTE,
                                pAdminSid))
    {
        //log error
        return;
    }

    // Add the ACL to the SD
    if (!InitializeSecurityDescriptor(&g_sd,
SECURITY_DESCRIPTOR_REVISION))
    {
        //log error
        return;
    }
    if(!SetSecurityDescriptorDacl(&g_sd, TRUE, pAcl, FALSE))
    {
        //log error
        return;
    }

    // Init the SD's OwnerSid and GroupSid
    if (!ImpersonateSelf(SecurityImpersonation))
    {
        //log error
        return;
    }
    // open the token to get the user and group for the new SD
    if (!OpenThreadToken (GetCurrentThread(), TOKEN_QUERY, TRUE,
&hToken))
    {
        //log error
        return;
    }

    // set the SD owner
    if (!GetUserSidFromToken(hToken, &psidUser))
    {
        return;
    }
    if (!SetSecurityDescriptorOwner(&g_sd, psidUser, FALSE))
    {
        //log error
        return;
    }

    // set the SD group
    if (!GetGroupSidFromToken(hToken, &psidGroup))
    {
        return;
    }
    if (!SetSecurityDescriptorGroup(&g_sd, psidGroup, FALSE))
    {
        //log error
        return;
    }

    if (!CoInitializeSecurity(&g_sd, -1, NULL, NULL,
RPC_C_AUTHN_LEVEL_CONNECT,
                        RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE,
NULL))
     {
        //log error
        return;
    }
    hr = CoRegisterClassObject(CLSID_SimpleObject, &classFactory,
                CLSCTX_SERVER, REGCLS_MULTIPLEUSE, &dwRegister);
    if (FAILED(hr))
    {
        g_isDCOMSupported = FALSE;
        //log error
        CoUninitialize();
        return;
    }
    else
    {
        g_isDCOMSupported = TRUE;
    }

Relevant Pages

  • Delphi DCUs
    ... I have the same version of Delphi 7 installed on both a Win2k and a Win XP ... I have installed the same level of third-party controls on both ... When I build a project with identical source code on each system, ... I am trying to certify that the executables that are built on the two ...
    (alt.comp.lang.borland-delphi)
  • WIndows XP Install Woes
    ... Built a system with a Chaintech ZNF3-150 Motherboard and ... NOT load windows XP.. ... or win2k for that matter I have all ...
    (microsoft.public.windowsxp.setup_deployment)
  • Diagnostic Tool for XP
    ... I've built several over the last few years. ... run Win2K. ... I upgraded over the last month to XP pro. ... I started thinking hardware?? ...
    (microsoft.public.windowsxp.general)
  • Re: Need FTP Recommendation
    ... What FTP services are built into Win2K, or would I be better off, ... >security wise, getting an add on program like CuteFTP Server from ...
    (microsoft.public.win2000.networking)