locked
Acess denied for remote DCOM server application RRS feed

  • Question

  • Hi, I think I've tried all possible combinations of my problem (but I'm not having a good understanding of DCOM)...

    We have a developer machine running OPC server (DCOM) we have since (around) 2004 used a "hack" to authenticate to this machine explicitly by 

    CoCreateInstanceEx and supplied credentials - including adding our local accounts on the remote machine. The service(s) are configured to allow everyone, all our accounts etc to have full permissions. This machine are at a customer site. We use VPN to access the customer dev machine in development (this is a dev only problem since when deploy it runs localhost). Everything has worked upon til I tried to use windows 8 and bound my account to a live id. 

    •  It can create the component using Coauthidentity, CoAuthInfo in CoCreateInstanceEx but when .net calls QueryInterface it fails with:

    "Exception:Thrown: "Unable to cast COM object of type 'System.__ComObject' to interface type 'OpcRcw.Comn.IOPCServerList'. This operation failed because the QueryInterface call on the COM component for the interface with IID '{13486D50-4821-11D2-A494-3CB306C10000}' failed due to the following error: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))." (System.InvalidCastException)

    A System.InvalidCastException was thrown: "Unable to cast COM object of type 'System.__ComObject' to interface type 'OpcRcw.Comn.IOPCServerList'. This operation failed because the QueryInterface call on the COM component for the interface with IID '{13486D50-4821-11D2-A494-3CB306C10000}' failed due to the following error: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))."

    I'd guess that the create auth succeeds, but when authenticating the QueryInterface invocation - it fails (seems to revert back to the process user)...?

    I've tried to use (even if stated by microsoft not viable solution to use - CoSetProxyBlanket, CoInitializeSecurity) 

    With CoSetProxyBlanket - I can do QueryInterface, but when invoking a method on the object I get the same security exception.

    My question is:

    Is it possible to use a windows 8 account that is attached to a liveid and still invoke a remote DCOM service on a another machine (not in any domain at all) - is it possible to configure such to allow it. Security is not a issue since behind VPN and only in lab environment....

    Thanks

     Mario

    • Edited by Mario Toffia Saturday, September 8, 2012 7:48 AM
    Saturday, September 8, 2012 7:43 AM