Re: Issue on calling CoRegisterClassObject in service application on Windows Server 2003
From: Harry Li (Hongjiangl_at_hotmail.com)
Date: 10/30/03
- Previous message: Tomas: "Duplicate Security Log Entries"
- In reply to: Dmitrii Zakharov [MSFT]: "Re: Issue on calling CoRegisterClassObject in service application on Windows Server 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 30 Oct 2003 12:24:52 -0500
Hi Dmitrii,
Thanks for your reply, sorry I didn't explain the situation clearly the
first time.
Basically, what I try to do here is to run multiple COM server instances as
NT services( I don't care it is the same sevice name or not). Since it is a
EXE COM server so that I have to call CoRegisterClassObject to register the
COM factory, and because I run it as multiple instances, I am using the
moniker to register each COM instances with runnning object table with
different string name ( profile names) so that base on different cleint
requests( contain profile name information), I will be able to find the
right COM server to forward the request.
The problem is that for win2003, if you configure the COM EXE server as
service using the "localSystem" account, you have to have an "localService"
key entry in the HKey_class_root\AppID\MyComClassId and the key value has to
be the service name otherwise you will get 0x80004015 error for
CoRegisterClassObject(). This will not work for the same COM EXE server with
different service names. I don't think you can add two the same services
either(even with different pass in arguments) from the control panel.
If you remove the "LocalService" entry from
HKey_class_root\AppID\MyComClassId, CoRegisterClassObject() will work for
all my COM service instance, however, when it tries to register with the
Running object table, it gets the same error.
So, given a sumary on this, my questions really are ( if you know): 1. what
has been changed in terms of the security for COM method:
CoRegisterClassObject and IRunningObjectTable::Register(). I tried to run
all COM my servces with machine Administrator identity, I got the same
problem. I would think that if the service process identity is machine
administrator and COM object is configured runas administrator, I should not
get any security error when calling both CoRegisterClassObject and
IrunningObjectTable::Register().
2. Is there any work around for my case?
Thank you very much and I really appreciate your help on this matter.
-Harry.
"Dmitrii Zakharov [MSFT]" <dmitriiz@microsoft.com> wrote in message
news:OdWtYpbnDHA.3612@TK2MSFTNGP11.phx.gbl...
>
>
> Hi, Harry,
>
> I know of only one case when you will see 0x80004015 returned from
> CoRegisterClassObject( ). This happens when you try to register a CLSID
that
> has an APPID with RunAs account different from your server's identity. I
> don't know whether this is what happens in your case, but it's only
> explanation I have.
>
> Now, however, I can explain why you had success in Win2000 and you
regressed
> in Win2003:
>
> In Win2000: any process can register ANY CLSID for a server if it is 1.
> service 2. running now. COM doesn't block the registration in this case.
> This is inherently a bug.
>
> In Win2003: the bug is fixed. COM blocks incorrect registration ALWAYS and
> you see the error.
>
> Hope this helps,
> Dmitrii
>
>
> "Harry Li" <Hongjiangl@hotmail.com> wrote in message
> news:Oi0RgWBmDHA.2436@TK2MSFTNGP09.phx.gbl...
> > Hi Everyone,
> >
> > I got a problem when running an COM service application on windows
Server
> > 2003 machine. It is working fine on windows 2000. Basically, I have this
> COM
> > application can be running as local server or services. It is working
> great
> > when running as local server on Windows Server 2003, but not when
running
> as
> > services. It fails when calling CoRegisterClassObject and the return
error
> > is 0x80004015, which means "The class is configured to run as a security
> id
> > different from the caller ". I did find some topics on help to get
around
> it
> > in the debug mode ( remove the LocalService name value pair from
> > "HKey_class_root\appid\your applicatoin" registry). Even I did this in
the
> > release mode, I will get the same error code when registering my COM
> object
> > in the system running table ( Call: IRunningObjectTable::Register()) I
am
> > really blocked by this. I really appreciate if any expert can help me on
> > this.
> >
> > Thanks.
> >
> > -Harry.
> >
> >
>
>
- Previous message: Tomas: "Duplicate Security Log Entries"
- In reply to: Dmitrii Zakharov [MSFT]: "Re: Issue on calling CoRegisterClassObject in service application on Windows Server 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
