DCOM In WORKGROUP Environment Access Denied - Setting authninfo Does not Help
-
Friday, March 25, 2011 10:49 PM
I am stetting up DCOM NT Service in a Workgroup environment on Windows7 machines. The client machine is Windows7 and so is the server. There is no domain involved. I am calling CoInitializeSecurity on both client and server. The client applicaiton works only locally. When it is setup to run remotly, I get access denied. I have noticed a few others are having a simular issue when the client is not XP. I have tried to set authentication info on the client. But it didn't work.
Odly enough the network traces mention the user who is logged in to the server. I have tried creating an account with the same name as the one mentioned in the trace on the client and was still denied access when running the clieint app as that user.
5 0.001592 192.168.1.61 192.168.1.60 TCP excw > epmap [SYN] Seq=0 Win=8192 Len=0 MSS=1460 SACK_PERM=1 6 0.002039 192.168.1.60 192.168.1.61 TCP epmap > excw [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 SACK_PERM=1 7 0.002137 192.168.1.61 192.168.1.60 TCP excw > epmap [ACK] Seq=1 Ack=1 Win=64240 Len=0 8 0.002452 192.168.1.61 192.168.1.60 DCERPC Bind: call_id: 2, 2 context items, 1st IOXIDResolver V0.0 9 0.004181 192.168.1.60 192.168.1.61 DCERPC Bind_ack: call_id: 2 Unknown result (3), reason: Local limit exceeded 10 0.004407 192.168.1.61 192.168.1.60 IOXIDResolver ServerAlive2 request 11 0.005822 192.168.1.60 192.168.1.61 IOXIDResolver ServerAlive2 response[Long frame (2 bytes)] 12 0.006504 192.168.1.61 192.168.1.60 TCP cspmlockmgr > epmap [SYN] Seq=0 Win=8192 Len=0 MSS=1460 SACK_PERM=1 13 0.007272 192.168.1.60 192.168.1.61 TCP epmap > cspmlockmgr [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 SACK_PERM=1 14 0.007359 192.168.1.61 192.168.1.60 TCP cspmlockmgr > epmap [ACK] Seq=1 Ack=1 Win=64240 Len=0 15 0.012878 192.168.1.61 192.168.1.60 DCERPC Bind: call_id: 3 ISystemActivator V0.0, NTLMSSP_NEGOTIATE 16 0.014403 192.168.1.60 192.168.1.61 DCERPC Bind_ack: call_id: 3, NTLMSSP_CHALLENGE accept max_xmit: 5840 max_recv: 5840 17 0.014978 192.168.1.61 192.168.1.60 DCERPC AUTH3: call_id: 3, NTLMSSP_AUTH, User: TS-07-PC\TS-08 18 0.015318 192.168.1.61 192.168.1.60 ISystemActivator RemoteGetClassObject request 19 0.017808 192.168.1.60 192.168.1.61 TCP epmap > cspmlockmgr [ACK] Seq=307 Ack=1469 Win=62892 Len=0 20 0.019517 192.168.1.60 192.168.1.61 DCERPC Fault: call_id: 3 ctx_id: 1 status: nca_s_fault_access_denied
HRESULT hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED); ATLASSERT(S_OK == hr); SEC_WINNT_AUTH_IDENTITY_W authidentity; SecureZeroMemory( &authidentity, sizeof(authidentity) ); authidentity.User = (unsigned short *)"dcomu"; authidentity.UserLength = static_cast<unsigned long>(wcslen((LPWSTR) authidentity.User )); authidentity.Domain = (unsigned short *) "Station-08"; authidentity.DomainLength = static_cast<unsigned long>(wcslen((LPWSTR) authidentity.Domain)); authidentity.Password = (unsigned short *) "testing"; authidentity.PasswordLength = static_cast<unsigned long>(wcslen((LPWSTR) authidentity.Password )); authidentity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE; SOLE_AUTHENTICATION_INFO authninfo; SecureZeroMemory(&authninfo, sizeof(SOLE_AUTHENTICATION_INFO) ); // NTLM Settings authninfo.dwAuthnSvc = RPC_C_AUTHN_WINNT; authninfo.dwAuthzSvc = RPC_C_AUTHZ_NONE; authninfo.pAuthInfo = &authidentity; SOLE_AUTHENTICATION_LIST authentlist; authentlist.cAuthInfo = 1; authentlist.aAuthInfo = &authninfo; hr = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_CONNECT, RPC_C_IMP_LEVEL_ANONYMOUS, &authentlist, EOAC_NONE, NULL); ATLASSERT(SUCCEEDED(hr));
