See in Component Services -> Creator Owner
Must be "IUSR_ComputerName"
With Regards from Poland
Pawel Janowski
www.sunrise-tm.com
-----Original Message-----
From: Dominic Cadorette [mailto:dominiccadorette (at) videotron (dot) ca [email concealed]]
Sent: Monday, August 23, 2004 1:35 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: COM+ with ASP web site on W2K3
Dear list members,
I have a project with Windows 2003 (Enterprise). We have a COM+ application
and an ASP Web Site. The COM+ application needs to access to different DBs.
The application works fine on Windows 2000 SP4. But I installed it on a
Windows 2003 machine and I have the message "Access Denied" in my ASP page
at the line where I call the DLL included in my COM+ application. I saw in
the Application Event Log that IUser_WebServer was denied to access my COM+
application.
I made some research on the Net and I found a way to do it by adding a role
in my COM+ application for my IUser_WebServer user. After I added this
role, it works fine.
However, I was wondering if it is a security issue to do it that way. If
yes, how should I do it?
Must be "IUSR_ComputerName"
With Regards from Poland
Pawel Janowski
www.sunrise-tm.com
-----Original Message-----
From: Dominic Cadorette [mailto:dominiccadorette (at) videotron (dot) ca [email concealed]]
Sent: Monday, August 23, 2004 1:35 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: COM+ with ASP web site on W2K3
Dear list members,
I have a project with Windows 2003 (Enterprise). We have a COM+ application
and an ASP Web Site. The COM+ application needs to access to different DBs.
The application works fine on Windows 2000 SP4. But I installed it on a
Windows 2003 machine and I have the message "Access Denied" in my ASP page
at the line where I call the DLL included in my COM+ application. I saw in
the Application Event Log that IUser_WebServer was denied to access my COM+
application.
I made some research on the Net and I found a way to do it by adding a role
in my COM+ application for my IUser_WebServer user. After I added this
role, it works fine.
However, I was wondering if it is a security issue to do it that way. If
yes, how should I do it?
Any help or comments would be appreciated.
Thanks,
Dominic
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]