Solved

DCOM Application not working after domain change

Posted on 2010-11-18
17
955 Views
Last Modified: 2013-11-25
I have an application that several users run that uses DCOMM.  It was running fine after configuring the settings as the software vendor recommended.  We recently changed the domain the the users are logging into.  After that, the application no longer works.  The only change is the domain.  I haven't had any succees yet with the vendor.  HELP!!!
0
Comment
Question by:bds1959
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 4
17 Comments
 

Author Comment

by:bds1959
ID: 34175668
The OS on the workstations is Windows XP - (I think they are all SP2, although one might have SP3?)  The Application on the server is called TrendServer Pro - from Honneywell - nothing changed on the server; it's still on the same domain as it always was - the only change was the domain that the workstations are logging into, and, again, everything was working before the domain change.  The workstations can successfully ping the server, however they can no longer log in to the application - it's a DCOM App. - when we first installed it my colleague found something "deep" in the DCOM setting on the workstation end that we had to change that hadn't been documented by the vendor.   One thing that we had noticed before, on the old domain, before my colleague discovered the "fix" was that Domain Admins. had no problem logging-in to the server.  However our standard users, who only have Admin. rights to the workstations, were unable to log-in to the server till the "fix."  We have no Domain Admin. accounts locally in order to test on the "new" domain.  However, I would have thought that the change we had made previously would be universal; the users continue to have local (workstation) Admin. rights just as before.  Hope this helps!  Thanks again in advance to anyone that can help!
0
 
LVL 62

Expert Comment

by:gheist
ID: 34176954
subinacl.exe can migrate permissions after domain change
0
 

Author Comment

by:bds1959
ID: 34198520
ghiest - I apologize for not seeing your suggestion sooner - Thank you - I appreciate it - however, HOW do I use that file???  What would the parameters be???
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 
LVL 11

Expert Comment

by:Paul S
ID: 34208167
We need more info. How many computers and how many servers? What is the software name? Did you just login to a different domain or did you actually rename the domain you were using? Are you a local administrator in both domains?

you can also try from a command line:
msdtc -uninstall
msdtc -install
0
 

Author Comment

by:bds1959
ID: 34208917
Hi Guru - Thanks for your reply.  It's only one server - NO changes on it - same domain as it was.  There's four or five workstations.  We are now logging-in to a different domain with a different domain server as well as new credentials.  The users have new I.D.'s for the new domain.  So it was more than just a rename of the existing domain.  I am a full domain admin on the old domain and have some administrative rights on the new one, but not full rights.  I did try the msdtc commands with no luck.  
0
 
LVL 11

Expert Comment

by:Paul S
ID: 34209181
is the server hosting the DCOM app part of the new domain? What credentials does the DCOM app run as?
0
 

Author Comment

by:bds1959
ID: 34209408
Nothing changed on the server; only on the clients. The DCOM on the clients "broke" with the domain change. Somehow I need to have DCOM the same as it was before on the workstations?  DCOM was originally set on the old domain with the users having local admin rights. That's still the same on the new domain - users have local admin rights.  Thanks!
0
 
LVL 11

Expert Comment

by:Paul S
ID: 34209735
have you reviewed the event logs on both the servers and clients? Can you put the DCOM server onto the same domain as the clients? Switching domains like that makes me think it is a security / authentication issue.
0
 

Author Comment

by:bds1959
ID: 34209966
The event log on the server won't help - nothing changed there and the clients can't connect, so there won't be anything there. I can check the workstations.  The server can't be added to the new domain yet.
0
 

Author Comment

by:bds1959
ID: 34231503
I got a chance to look at the event log on one of the client workstations - nothing related to the DCOM thing.  It's definitely a security/authoriztion thing - what changed in DCOM when changing domains?  
0
 

Author Comment

by:bds1959
ID: 34231511
Is there some way to "export' the old DCOM settings from the old domain?
0
 
LVL 11

Accepted Solution

by:
Paul S earned 500 total points
ID: 34241443
If it is an authentication problem then "exporting" the old settings won't help. What you is to add some new settings which allow users from the new domain to access DCOM apps on that server. Have you tried making any of the users local administrators on the DCOM server for testing? have you added any of the new users to the DCOM launch and activation permissions on the DCOM objects?
0
 

Author Comment

by:bds1959
ID: 34243474
Thank you Guru 777!  Although you didn't give me "the answer," you jogged my memory enough so that I was able to find it.  It WAS a security issue - we had a Group of users (from the "old" domain; the one that the Server is still on) set up and had to give that group access to the one component under DCOM on both the Server and Client sides.  I had to dig for the component, but found it on the Server, then was able to update the security on the client side accordingly.  We had to add and set the secutiry for the corresponding Group on the new domain on that particular component.  
0
 

Author Closing Comment

by:bds1959
ID: 34243519
See my note for the reasons for the "Partiallys"  They are NOT meant to be a "diss."  You helped me find my answer, and you deserve credit for that.  However, you just got me on the right path; I'm not sure ANYONE without direct knowledge of the Honeywell TrendServer software could have actually provided a "complete" and "accurate" solution?  In fact, Honeywell wasn't able to help me!  Thank you!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article summaries thoughts and ideas from two years of sustained use. It provides good reasoning to make the jump to Windows 10.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question