In reference to http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#EIAA
concerning XP SP2 and DCOM.
"Alternatively, you can configure these ACL settings using the registry.
These ACLs are stored in the registry at the following locations:
This is a named-value that is set to a REG_BINARY type that contains data describing the ACL of the principals that can access any COM class or COM object on the computer. The access rights in the ACL are:
These ACLs can be created using normal security functions. Note that COM_RIGHTS_EXECUTE rights must always be present, because absence of this right will generate an invalid security descriptor.
Only users with Administrator rights can modify these settings."
I would like to edit the REG_BINARY "ACL"s mentioned in the article, but I have no idea how. A program we run at the office here requires DCOM permissions that are different than the defaults. This program is installed on 50 machines, and I'm looking for an easier way to make these changes other than walking around to 50 machines, opening Component Services, .... Please note that I'm just the IT person in charge of this program at my company; I'm not a developer of this software.
So, is there a way to edit these REG_BINARY values do set them the way I want? If there is, I was hoping to save the appropriate registry key and use a batch file that each user can run themselves.
I've already tried to make changes in Component Services, then copy the "before" and "after" reg keys to notepad, but I didn't recognize a difference between the two.
This isn't an urgent question, but I have a feeling it may be difficult or require a bit of work, so I assigned points accordingly.