如何授予对我的COM +应用程序的访问权限？ [英] How do I grant access to my COM+ application?

问题描述

我创建了一个COM +服务器应用程序，调用者无法访问它 - 当它试图从该应用程序实例化一个COM对象（ CoCreateInstance（））系统日志中出现以下内容：

应用程序特定的权限设置不会为具有CLSID {class id的COM对象在这里}和APPID {这里的COM +应用程序的应用程序ID}到用户MACHINENAME \administrator SID（这里的SID）从地址LocalHost（使用LRPC）。此安全权限可以使用组件服务管理工具修改。

调试COM +访问的唯一方法似乎是使用角色，但应用程序具有强制执行访问检查未选中，因此看起来应该没有限制。

如何允许特定用户访问特定的COM +应用程序，以便他可以从那里实例化对象？

解决方案

你应该做的第一件事是检查你是否可以在应用程序之外创建这个对象。我在这里使用vbscript;

  dim vvv 
 set vvv = CreateObject（CoCreateInstance（））
 
 if isnull（vvv）then 
 msgboxnull
 else 
 msgboxnot null
 end if 
  

如果你不能创建对象，那么可能是.dll有问题，你可能最好提供组件从注册表和完全重新安装/重新实现它。

如果可以创建对象，则访问组件的应用程序存在问题。这通常是由于以下原因之一：

1. 组件安全设置

   
   
   
   
   
   • 为了找到问题，您可以取消选中强制执行访问检查。
   
   



2. 使用者设定

   
   
   
   
   
   • 请查看此链接< a>。
   
   



3. 组件服务与注册表之间的不匹配

p>




• 我们需要确保组件服务中的CLSID与注册表匹配。在组件服务中，查找组件（而不是应用程序）并查看属性。如果组件在那里，它被定义注册。当你在这里，我们可能会仔细检查一些设置。 DLL地址是否有效？安全，交易和激活设置是否正确？ OK，现在注意一般选项卡中的CLSID。进入注册表编辑器，并在HKEY_CLASSES_ROOT中找到CLSID（它应该在那里）。确保dll地址和ProgID是正确的。此外，请验证键和子键的结构与您的其他组件类似。

如果这些都不起作用，请在注册表中搜索组件的名称并将其擦除。然后重新安装。

I've created a COM+ server application and the caller can't access it - when it tries to instantiate a COM object (CoCreateInstance()) from that application the following appears in system log:

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {class id of COM object here} and APPID {app id of the COM+ application here} to the user MACHINENAME\administrator SID (SID here) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

The only way to tweak COM+ access seems to be using roles but the application has "enforce access checks" unchecked so it looks like there should be no restrictions. Yet the object won't instantiate.

How do I allow a certain user access a specific COM+ application so that he can instantiate objects from there?

解决方案

The first thing you should do is check to see if you can create this object outside of the application. I am using vbscript here;

dim vvv
set vvv= CreateObject ("CoCreateInstance()")

if isnull(vvv) then
            msgbox "null"
else
            msgbox "not null"
end if

If you cannot create the object, then there is probably an issue with the .dll and you might be best served just wiping the component out of the registry and completely reinstalling/reimplementing it.

If you can create the object, there is an issue with the application accessing the component. This is usually due to one of the following reasons;

1. Component Security settings

   • For the purposes of finding the issue, you are right to uncheck "enforce access checks". Make sure you uncheck the box at both the application (package) level AND the component level.

2. User settings

   • Check out this link. In addition to their advice, try adding IUSR_servername as a member of Administrators.

3. Mismatch between Component services and the registry

   • We need to make sure the CLSID's in Component services match the registry. In component services, look for the component (not the application) and look at the properties. If the component is in there, it is definetely registered. While you are here we might as well double check some settings. Is the DLL address valid? Are security, transactions and activation settings correct? OK, now notice the CLSID in the general tab. Go into the registry editor and find the CLSID in HKEY_CLASSES_ROOT (it should be there). Make sure the dll address and the ProgID are correct. Also verify the key and subkeys are structured in a similar way to your other components.

If none of this works, search the registry for the component's name and wipe it out. then reinstall.

这篇关于如何授予对我的COM +应用程序的访问权限？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！