K
kbeigan
All,
If you assign a domain user / local user to a windows service, is it
necessary to modify is ACL (launch / configuration/ access ) to enable
the assigned user to access the DCOM server.
Example: Say we have a network calculator service which instantiates
servers with an identity of say SOMEUSER who's a member of SOMEGROUP.
Is it necessary to modify the servers DCOM ACL (in dcomcnfg) to include
the same SOMEUSER (as well as the default setting - system etc )to
launch / access or configure?
Or does the DCOM security only kick in when clients have a different
security token from the services (that's what I think) ?
What ever the answer, is there any reference material which situates
this?
Many thanks in advance.
Karl
If you assign a domain user / local user to a windows service, is it
necessary to modify is ACL (launch / configuration/ access ) to enable
the assigned user to access the DCOM server.
Example: Say we have a network calculator service which instantiates
servers with an identity of say SOMEUSER who's a member of SOMEGROUP.
Is it necessary to modify the servers DCOM ACL (in dcomcnfg) to include
the same SOMEUSER (as well as the default setting - system etc )to
launch / access or configure?
Or does the DCOM security only kick in when clients have a different
security token from the services (that's what I think) ?
What ever the answer, is there any reference material which situates
this?
Many thanks in advance.
Karl