Re: Registry Access Problem after Impersonation

From: Ramiro Calderon Romero (rcrdev@hotmail.com)
Date: 03/28/03 

From: "Ramiro Calderon Romero" <rcrdev@hotmail.com>
Date: Thu, 27 Mar 2003 20:32:44 -0500

Joel,

> My real problem is that I'm trying to figure out how to debug the
> application. As a follow-on, when I add the iusr account to the admin
> group I don't get this exception. Any ideas on which settings would
> be required and are different between the default iusr account and the
> admin group?

The component services documentation states:

"To perform this procedure (Installing COM+ Server Applications), you need
to be a member of the Administrator role on the target computer's system
application. In the default configuration, only local computer
administrators are assigned to this role. For more information, see Setting
Security."

I'm afraid you must add the IUSR account in the administrators groups as you
mentioned before. Such scenario implies a potencial security hole and it is
required in order to register the serviced component the first time only
(from my point of view, the benefit isn't worth the cost)

If you need to debug your application, you can register your serviced
component first (with regsvc tool) and perform any debugging-related stuff
afterwards.

Hope this helps, 

--
Ramiro Calderon
MCAD MCSD
"Joel Orcutt" <jorcutt@steelpoint.com> wrote in message
news:a6bb8159.0303270603.1888a755@posting.google.com...
> Thanks for the suggestion.
>
> My real problem is that I'm trying to figure out how to debug the
> application.  As a follow-on, when I add the iusr account to the admin
> group I don't get this exception.  Any ideas on which settings would
> be required and are different between the default iusr account and the
> admin group?
>
> > Hi,
> > According to the exception, it seems like the self-registration of a
> > Serviced Component doesn't work; maybe it's because a permissions issue.
> > Maybe you can register it first using the "regsvc" utility at deployment
> > time instead of relying in the self-registration feature of serviced
> > components at runtime.
> >
> > Hope this helps,
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003

Relevant Pages

  • Re: Using a network-drive with IIS 6.0
    ... what settings I have to make under IIS 6.0? ... >Virtual drives also won't do the trick because the routines the CGI-EXE is ... check that your IUSR account has ... the profile of every account on the server. ...
    (microsoft.public.inetserver.iis)
  • RE: Access requires password
    ... How does one check to make sure the IUSR account is not ... In teh process of trying to get the site accessable over ... >| I have checked NT settings and all the settings on IIS ...
    (microsoft.public.inetserver.iis.security)
  • Re: Problems enabling anonymous access
    ... I gave the IUSR account read access and enabled anonymous on ... > settings there similarily to what you had to do under the portal. ... > Microsoft MVP - SharePoint Portal Server ...
    (microsoft.public.sharepoint.portalserver)
  • RE: changing anonymous user to a specific domain user account
    ... recommended to **NOT** run the IUSR account as an admin. ... would definately disable the FileSystemObject by renaming and\or deleting ... cscript adsutil.vbs set w3svc/anonymoususerpass ...
    (microsoft.public.inetserver.iis.security)
  • Re: Registry Access Problem after Impersonation
    ... when I add the iusr account to the admin ... group I don't get this exception. ... > Serviced Component doesn't work; maybe it's because a permissions issue. ... > time instead of relying in the self-registration feature of serviced ...
    (microsoft.public.dotnet.framework.aspnet.security)