Disabling DCOM on remote clients

Posted on 2006-05-18
Medium Priority
Last Modified: 2012-08-13
I need to disable the distributed COM on about 100 clients....is there a tool out there that would let me do that remotely????


Question by:mcguires13

Accepted Solution

markandrew21 earned 1000 total points
ID: 16713799
100 computers.... Id say you have your work cut out for you.

Steve Gibson has a useful tool that will test and disable DCOM.
Its not remotely administered, but it might save you some time.

LVL 70

Assisted Solution

Merete earned 1000 total points
ID: 16726256
Hi this is only a stab in the dark as I donot have a lot of experience in this area, I would like to sight this web page,
as no other EE have offered help, maybe it will jog some reponses.:)

Enabling and Disabling DCOM
When a computer is part of a network, the DCOM wire protocol enables COM objects on that computer to communicate with COM objects on other computers. You can disable DCOM for a particular computer, but doing so will disable all communication between objects on that computer and objects on other computers.

Disabling DCOM on a computer has no effect on local COM objects. COM still looks for launch permissions that you have specified. If no launch permissions have been specified, default launch permissions are used. Even if you disable DCOM, if a user has physical access to the computer, they could launch a server on the computer unless you set launch permissions not to allow it.

Warning   If you disable DCOM on a remote computer, you will not be able to remotely access that computer afterwards to reenable DCOM. To reenable DCOM, you will need physical access to that computer.

    To manually enable (or disable) DCOM for a computer:

Run Dcomcnfg.exe.
Choose the Default Properties tab.
Select (or clear) the Enable Distributed COM on this Computer check box.
If you will be setting more properties for the machine, click the Apply button to enable (or disable) DCOM. Otherwise, click OK to apply the changes and exit Dcomcnfg.exe.


You may want to take a look at this too.
DCOM, XP SP2, and Remote Debugging

Hope it helps.
LVL 10

Expert Comment

by:Walter Padrón
ID: 16736836
Hi mcguires13,

You need to change the registry HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\EnableDCOM to "N", if you have an active directory domain you can modify the registry via Group Policy or run a Logon Script.

See this "How to disable DCOM support in Windows" http://support.microsoft.com/kb/825750 for more info.


Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question