Solved

How to set  a user permission within a DCOM Config trough a batch procedure

Posted on 2006-10-29
3
2,607 Views
Last Modified: 2013-12-04
Hi,
In dcomcnfg\component services\computers\My Computer\dcom config\     propreties on one of the components
Security tab\costomize add user. Is there any way to add users and set permission using an automatic procedure or utility, on that component.
0
Comment
Question by:gregajesih
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Accepted Solution

by:
dave_moats earned 250 total points
ID: 17841357
Interesting topic, I did some searching and found the following EE link:

   http://www.experts-exchange.com/Programming/Programming_Languages/Visual_Basic/Q_21496861.html

This and all the other links I found talk about using something called "dcomperm".  It appears that dcomperm is an SDK sample from Microsoft located:

   http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vcsample98/html/vcsmpdcompermpermissionsforcomserver.asp

Using this link will take you to the Visual Studio 6.0 Samples, all the samples are about a 132Mb download

After installing the samples, open the .chm file and search for dcomperm.  This will give you a link to the actual source code.  Once you have extracted this and compiled it, you will be able to use dcomperm.  View the README.txt file, it appears to have instructions on how to use the exe.

There appeard to be some WMI options for Longhorn and Vista according to:
 
   http://www.mcse.ms/archive68-2006-3-2141217.html
   
Which appears to be talking about:

   http://windowssdk.msdn.microsoft.com/en-us/library/ms748750.aspx

   ( Look for SetLaunchSecurityDescriptor )
   
Here is a way to query the dcom permissions using WMI:

   http://mail.nessus.org/pipermail/plugins-writers/2006-September/msg00000.html
0
 
LVL 54

Expert Comment

by:McKnife
ID: 17845845
What are you trying to achieve, do you want do that remotely, or deploy it, or?
In HKEY_CLASSES_ROOT\AppID\{783C030F-E948-487D-B35D-94FCF0F0C172} for example, there are launch permissions that get altered when altering acccess rights on Blocked Drivers which has that ID (783...), so a Start would be to extract these keys.
0
 

Author Comment

by:gregajesih
ID: 17857569
The link from the topic that you found for me, has a script that works excactly as I  want it to.
So, thank you very much dave

On Error Resume Next

'TRUE = 1
'FALSE = 0
DCP_ACL_LAUNCH = 1
DCP_ACL_ACCESS = 2
DCP_E_NO_ACCESS        = &H8004a001
DCP_E_NO_ACL           = &H8004a002
DCP_E_INVALID_OBJECT   = &H8004a003
DCP_E_INVALID_TYPE     = &H8004a004
DCP_E_MUST_BE_ADMIN    = &H8004a005
DCP_E_NO_MORE_ENTRIES  = &H8004a006
DCP_E_INVALID_VERSION  = &H8004a007
DCP_E_OBJ_IS_A_SERVICE = &H8004a008
DCP_E_UNSUPPORTED      = &H8004a009
DCP_E_NO_VALUE         = &H8004a00a
DCP_E_UNKNOWN_USER     = &H8004a00b
DCP_E_NO_APPID         = &H8004a00c

Dim GOSh
Dim dcomperm
Set GOSh = CreateObject("WScript.Shell")
Set dcomperm = CreateObject ("DCOMPerm")
     If Err Then
     Err.Clear
     GOSh.run "dcpinst.exe",0,True
     Set dcomperm = CreateObject ("DCOMPerm")
          If Err Then
          WScript.Echo "Unable to install DCOM Permissions! They will have to be set via DCOMCNFG.",,"DCOM Permmissions"
          WScript.Quit(1)
          End If
     End If
dcomperm.AddPrincipal "Appid:{0737E50A-4C76-4ff7-BB21-A85596F0D004}",DCP_ACL_ACCESS, "YOURDOMAIN\YourGroupORUser", "1"
     If Err Then
     WScript.Echo "Unable to install DCOM Permissions! They will have to be set via DCOMCNFG.",,"DCOM Permmissions"
     WScript.Quit(2)
     End If
dcomperm.AddPrincipal "Appid:{0737E50A-4C76-4ff7-BB21-A85596F0D004}",DCP_ACL_LAUNCH, "YOURDOMAIN\YourGroupORUser", "1"
     If Err Then
     WScript.Echo "Unable to install DCOM Permissions! They will have to be set via DCOMCNFG.",,"DCOM Permmissions"
     WScript.Quit(2)
     End If
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question