How to set a Component Services Application Identity / Credentials Programmatically

Posted on 2005-04-08
Last Modified: 2011-10-03
In component services, you can right click an application, click properties, and in the identity tab you can say "this user" and give domain\username and password.

Any ideas how to do this programmatically ?

I need it for a setup program

Question by:plq
    LVL 86

    Expert Comment

    I'm not too familiar with COM+, but maybe ("Programmatic administration of COM+ Applications with the COM+ Admin objects in VC++") can help.
    LVL 9

    Accepted Solution

    To set the identity, access and launch permissions programmatically, you basically have to write the corresponding desired entries in the Registry yourself.

    You need to build the desired security descriptor (have a look at SECURITY_DESCRIPTOR) in self-sufficient format (have a look at MakeSelfRelativeSD), then write it as a binary value under the server's AppID registry key (HKCR\AppID\{<AppID>} in these two entries (no prizes for figuring our which is which:-)

    The RunAs entry (under the same key) controls the identity under which you want to run the server. It is specified as a string value in the format "domain\account\". It can also have ‘well known’ values (e.g. "InteractiveUser"). You can leave the <domain\> part out if you want to run the server under a local user account.

    The password for the RunAs user account is stored in a secure area of the Registry (under the local security policy). Have a look at LsaStorePrivatedata. Here's an example (with no error checking):

    LSA_OBJECT_ATTRIBUTES objectAttributes;
    memset(&objectAttributes, 0, sizeof (LSA_OBJECT_ATTRIBUTES));
    objectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);

    HANDLE policyHandle = NULL;
    LsaOpenPolicy(NULL, &objectAttributes, POLICY_CREATE_SECRET, &policyHandle);

    WCHAR key[4 + GUIDSTR_MAX + 1];
    wcscpy(key, L"SCM:");
    wcscat(key, sAppID);  // sAppID is GUID string in Unicode

    LSA_UNICODE_STRING lsaKeyString;
    lsaKeyString.Buffer = key;
    lsaKeyString.Length = (USHORT)((wcslen(key) + 1) * sizeof(WCHAR));
    lsaKeyString.MaximumLength = (GUIDSTR_MAX + 5) * sizeof(WCHAR);

    LSA_UNICODE_STRING lsaPasswordString;
    lsaPasswordString.Buffer = password;  // password is plain text in Unicode
    lsaPasswordString.Length = (USHORT) ((wcslen(password) + 1) * sizeof(WCHAR));
    lsaPasswordString.MaximumLength = lsaPasswordString.Length;

    LsaStorePrivateData(policyHandle, &lsaKeyString, &lsaPasswordString);

    You have to make sure the corresponding user account has SeBatchLogonRight. Have a look at LookupAccountName and LsaAddAccountRights.

    LVL 8

    Author Comment

    Here's an easy vb6 way for the benefit of future readers

            Set obj = CreateObject("COMAdmin.COMAdminCatalog")
            Set objApps = obj.GetCollection("Applications")
            For lCount = 0 To objApps.Count - 1
                Set objProxy = objApps.Item(lCount)
                If objProxy.Name = "My Server Name" Then
                    objProxy.Value("Identity") = sUserNameProxy
                    objProxy.Value("Password") = sPasswordProxy
                    objApps.SaveChanges 'lIndex
                    Exit For
                End If
                Set objProxy = Nothing
            gsPasswordProxy = "x"
            Set objApps = Nothing
            Set obj = Nothing

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Join & Write a Comment

    Introduction This article is the first in a series of articles about the C/C++ Visual Studio Express debugger.  It provides a quick start guide in using the debugger. Part 2 focuses on additional topics in breakpoints.  Lastly, Part 3 focuses on th…
    What is C++ STL?: STL stands for Standard Template Library and is a part of standard C++ libraries. It contains many useful data structures (containers) and algorithms, which can spare you a lot of the time. Today we will look at the STL Vector. …
    The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.
    The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now