DCOM Autho Error 529 and 681 with Default Authentication Level = N

From: Craig (Craig_at_discussions.microsoft.com)
Date: 03/16/05 

Date: Wed, 16 Mar 2005 12:05:03 -0800

Since IS moved our server out of it’s trusted domain into it own workgroup,
what we see is that when ever our remote VB application application does a
dcom CreateObject on the server MTS dlls, we get many of the following
errors Authentication security errors 681, 529, 681, 529 and the the
application continues w/o problems except slowly. We have turned off DCOM
Authentication which had no effect. We have a slowdown problem even if event
logging is turned off. There are 2 other servers (NT4 and W2K) experiencing
this problem. Is there anyway we can stop to Authentication checks and speed
up our application?

Our VB 6.0/DCOM/MS SQL application has been in production for 5 years. The
MS MTS / DCOM/ MS SQL 2000 is running on one W2K Server with SP 4. IS just
changed the server configuration from a Domain with trusts to the main
company domain to its own workgroup w/o trusts. Since that time, we are
getting a large number of Security Errors (Event ID 529 and 681 (error code =
3221225572) and system access has gotten very slow.

Default Security Properties for using dcomcnfg are Default Authentication
Level = None and Default Impersonation Level = Anonymous or Delegate, or
Identify, or Impersonate (have tried them all).

At the Component Services level Authorization Enforce Access Checks is
unchecked and Security Level = Perform Access Checks only at the process
level and Default Authentication Level = None and Default Impersonation
Level = Anonymous or Delegate, or Identify, or Impersonate (have tried them
all).

Relevant Pages

  • Re: Access denied ( From one site to another, that is in another server)
    ... server. ... you can implement impersonation through code and revert ... This posting is provided "AS IS", with no warranties, and confers no rights. ... | Integrated Authentication ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Access denied ( From one site to another, that is in another server)
    ... My web.config is set correctly and the IIS security is set correctly too at both sites ... NET site integrated authentication ... > server. ... you can implement impersonation through code and revert ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Access to server denied
    ... XP Home can access domain resources as if there was a workgroup, ... access the same way eventhough if the server is changed from workgroup to ... computers running XP Home cannot join a domain. ... Windows 98 and ME, IIRC, will use domain authentication. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Non Domain Computers trying to access shared Files on SBS2003 serv
    ... If you name the workgroup the same as the domain they will be able to ... connect after authentication. ... Server is running just fine. ... > The three workstations need to have Full access to this shared drive. ...
    (microsoft.public.windows.server.sbs)
  • RE: accessing WebService from asp.net App on load balanced Servers
    ... if you're able to successfully implement the kerberos authentication ... configuration from the client to your web server and ... kerberos token can be forwared from webserver to remote webservice server... ... | Original user impersonation will carry through to the back end server?? ...
    (microsoft.public.dotnet.framework.aspnet.security)