I've had trouble with Windows Live sites that I finally tracked down to the
COM+ System Application service not starting. In order to get the service
running again I reregistered ole32.dll and oleaut32.dll.
Having done that, there seemed to be a permission problem when running IE7
as a Limited User.
So, what I'm looking for is this:
* Can someone say where I can find a reasonable set of COM Security
defaults for "My Computer"?
* Is this a problem: "The CLSID {1F87137D-0E7C-44d5-8C73-4EFFB68962F2},
item C:\Windows\system32\wbem\wmiprvse.exe and title Microsoft WMI Provider
Sumsystem Secured Host has the named value AppID, but is not recorded under
\\HKEY_CLASSES_ROOT\AppId. Do you wish to record it?"
--
Mike H
dcomcnfg COM Security Defaults
Moderators: DllAdmin, DLLADMIN ONLY
Re: dcomcnfg COM Security Defaults
On Wed, 15 Apr 2009 13:24:56 -0700, Mike H wrote:
> I've had trouble with Windows Live sites that I finally tracked down to the
> COM+ System Application service not starting. In order to get the service
> running again I reregistered ole32.dll and oleaut32.dll.
>
> Having done that, there seemed to be a permission problem when running IE7
> as a Limited User.
>
> So, what I'm looking for is this:
> * Can someone say where I can find a reasonable set of COM Security
> defaults for "My Computer"?
>
> * Is this a problem: "The CLSID {1F87137D-0E7C-44d5-8C73-4EFFB68962F2},
> item C:\Windows\system32\wbem\wmiprvse.exe and title Microsoft WMI Provider
> Sumsystem Secured Host has the named value AppID, but is not recorded under
> \\HKEY_CLASSES_ROOT\AppId. Do you wish to record it?"
>
>
From another machine I found these COM+ Security defaults, and I've set
themjust so on mine. If anyone thinks of a user, group, or permissions that
should be other than these, by all means, let me know.
Access Permissions
Security Limits
ANONYMOUS LOGON
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[ ] Deny [ ]
Everyone
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[x] Deny [ ]
Default Security
SELF
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[x] Deny [ ]
SYSTEM
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[ ] Deny [ ]
Launch and Activation Permissions
Security Limits
Administrators
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [x] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [x] Deny [ ]
Everyone
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [ ] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [ ] Deny [ ]
Default Security
Administrators
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [x] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [x] Deny [ ]
INTERACTIVE
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [ ] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [ ] Deny [ ]
SYSTEM
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [ ] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [ ] Deny [ ]
The second problem, with the unrecorded AppID, remains.
--
Mike H
> I've had trouble with Windows Live sites that I finally tracked down to the
> COM+ System Application service not starting. In order to get the service
> running again I reregistered ole32.dll and oleaut32.dll.
>
> Having done that, there seemed to be a permission problem when running IE7
> as a Limited User.
>
> So, what I'm looking for is this:
> * Can someone say where I can find a reasonable set of COM Security
> defaults for "My Computer"?
>
> * Is this a problem: "The CLSID {1F87137D-0E7C-44d5-8C73-4EFFB68962F2},
> item C:\Windows\system32\wbem\wmiprvse.exe and title Microsoft WMI Provider
> Sumsystem Secured Host has the named value AppID, but is not recorded under
> \\HKEY_CLASSES_ROOT\AppId. Do you wish to record it?"
>
>
From another machine I found these COM+ Security defaults, and I've set
themjust so on mine. If anyone thinks of a user, group, or permissions that
should be other than these, by all means, let me know.
Access Permissions
Security Limits
ANONYMOUS LOGON
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[ ] Deny [ ]
Everyone
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[x] Deny [ ]
Default Security
SELF
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[x] Deny [ ]
SYSTEM
Local Access : Allow[x] Deny [ ]
Remote Access : Allow[ ] Deny [ ]
Launch and Activation Permissions
Security Limits
Administrators
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [x] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [x] Deny [ ]
Everyone
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [ ] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [ ] Deny [ ]
Default Security
Administrators
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [x] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [x] Deny [ ]
INTERACTIVE
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [ ] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [ ] Deny [ ]
SYSTEM
Local Launch : Allow [x] Deny [ ]
Remote Launch : Allow [ ] Deny [ ]
Local Activation : Allow [x] Deny [ ]
Remote Activation : Allow [ ] Deny [ ]
The second problem, with the unrecorded AppID, remains.
--
Mike H