3,245
社区成员
发帖
与我相关
我的任务
分享请教CoCreateInstanceEx产生E_ACCESSDENIED的原因
Client : 机器名client1
激活代码为:
HRESULT hr;
hr = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_CONNECT,
RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, 0);
MULTI_QI qi = {&IID_ICalculator, 0, 0};
OLECHAR* szDomain = _T("server1");
OLECHAR* szRmtSvr = _T("192.168.19.106");
OLECHAR* szUser = _T("username");
OLECHAR* szPwd = _T("password");
COAUTHIDENTITY authId;
COAUTHINFO authInfo;
COSERVERINFO svrInfo;
authId.Domain = (USHORT*)szDomain;
authId.DomainLength = _tcslen(szDomain);
authId.User = (USHORT*)szUser;
authId.UserLength = _tcslen(szUser);
authId.Password = (USHORT*)szPwd;
authId.PasswordLength = _tcslen(szPwd);
authId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
authInfo.pwszServerPrincName = NULL;
authInfo.dwAuthnSvc = RPC_C_AUTHN_WINNT;
authInfo.dwAuthnLevel = RPC_C_AUTHN_LEVEL_CONNECT;
authInfo.dwCapabilities = EOAC_NONE;
authInfo.dwImpersonationLevel = RPC_C_IMP_LEVEL_IMPERSONATE;
authInfo.pAuthIdentityData = &authId;
authInfo.dwAuthzSvc = RPC_C_AUTHZ_NAME;
svrInfo.dwReserved1 = NULL;
svrInfo.dwReserved2 = NULL;
svrInfo.pwszName = szRmtSvr;
svrInfo.pAuthInfo = &authInfo;
hr = CoCreateInstanceEx(CLSID_Calculator, NULL, CLSCTX_REMOTE_SERVER,
//&svr,
svrInfo,
1, &qi);
server: 服务器禁用guest用户,机器名为server1,ip为192.168.19.106,有一个用户id为username,
代码为:
SOLE_AUTHENTICATION_SERVICE *pacAuth = new SOLE_AUTHENTICATION_SERVICE;
pacAuth->dwAuthnSvc = RPC_C_AUTHN_WINNT;
pacAuth->dwAuthzSvc = RPC_C_AUTHZ_NAME;
pacAuth->pPrincipalName = NULL;
pacAuth->hr = S_OK;
hr = CoInitializeSecurity( NULL, 1, pacAuth, NULL, RPC_C_AUTHN_LEVEL_CONNECT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, 0);
问题:在client, 我明明是用username发送CoCreateInstanceEx,但是在服务器端用事件查看器发现,client是用guest激活dcom的,由于服务器禁用guest用户,所以导致不能激活成功
请问:怎么样设置才能在服务器上用client传递的用户名和密码激活DCOM?
激活代码为:
HRESULT hr;
hr = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_CONNECT,
RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, 0);
MULTI_QI qi = {&IID_ICalculator, 0, 0};
OLECHAR* szDomain = _T("server1");
OLECHAR* szRmtSvr = _T("192.168.19.106");
OLECHAR* szUser = _T("username");
OLECHAR* szPwd = _T("password");
COAUTHIDENTITY authId;
COAUTHINFO authInfo;
COSERVERINFO svrInfo;
authId.Domain = (USHORT*)szDomain;
authId.DomainLength = _tcslen(szDomain);
authId.User = (USHORT*)szUser;
authId.UserLength = _tcslen(szUser);
authId.Password = (USHORT*)szPwd;
authId.PasswordLength = _tcslen(szPwd);
authId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
authInfo.pwszServerPrincName = NULL;
authInfo.dwAuthnSvc = RPC_C_AUTHN_WINNT;
authInfo.dwAuthnLevel = RPC_C_AUTHN_LEVEL_CONNECT;
authInfo.dwCapabilities = EOAC_NONE;
authInfo.dwImpersonationLevel = RPC_C_IMP_LEVEL_IMPERSONATE;
authInfo.pAuthIdentityData = &authId;
authInfo.dwAuthzSvc = RPC_C_AUTHZ_NAME;
svrInfo.dwReserved1 = NULL;
svrInfo.dwReserved2 = NULL;
svrInfo.pwszName = szRmtSvr;
svrInfo.pAuthInfo = &authInfo;
hr = CoCreateInstanceEx(CLSID_Calculator, NULL, CLSCTX_REMOTE_SERVER,
//&svr,
svrInfo,
1, &qi);
server: 服务器禁用guest用户,机器名为server1,ip为192.168.19.106,有一个用户id为username,
代码为:
SOLE_AUTHENTICATION_SERVICE *pacAuth = new SOLE_AUTHENTICATION_SERVICE;
pacAuth->dwAuthnSvc = RPC_C_AUTHN_WINNT;
pacAuth->dwAuthzSvc = RPC_C_AUTHZ_NAME;
pacAuth->pPrincipalName = NULL;
pacAuth->hr = S_OK;
hr = CoInitializeSecurity( NULL, 1, pacAuth, NULL, RPC_C_AUTHN_LEVEL_CONNECT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, 0);
问题:在client, 我明明是用username发送CoCreateInstanceEx,但是在服务器端用事件查看器发现,client是用guest激活dcom的,由于服务器禁用guest用户,所以导致不能激活成功
请问:怎么样设置才能在服务器上用client传递的用户名和密码激活DCOM?
...全文
请发表友善的回复…
发表回复
joachern 2005-08-12
- 打赏
- 举报
我也遇到这样的问题,不知道如何解决
junegone 2005-08-10
- 打赏
- 举报
两台机器是分开的workstation,没有在同一个域内
junegone 2005-08-09
- 打赏
- 举报
COM高手不在?
nelsonc 2005-08-09
- 打赏
- 举报
服务器是WorkStation还是Domain中的机器或质Domain Server?
junegone 2005-08-09
- 打赏
- 举报
楼上的可能没明白, 我是在获取接口的时候被拒绝,而不是在使用接口的时候被拒绝
junegone 2005-08-09
- 打赏
- 举报
帅哥,这些东西我都看了,但是不明白,我明明在COSERVERINFO中传递了用户名,但是在服务器端发现激活的用户依然是guest
亿云力科技 2005-08-09
- 打赏
- 举报
可能你需要调用CoSetProxyBlanket().
以下来自CoCreateInstanceEx()的MSDN help:
The COSERVERINFO structure passed as the pServerInfo parameter contains the security settings that COM will use when creating a new instance of the specified object. Note that this parameter does not influence the security settings used when making method calls on the instantiated object. Those security settings are configurable, on a per-interface basis, with the CoSetProxyBlanket function.
以下来自CoCreateInstanceEx()的MSDN help:
The COSERVERINFO structure passed as the pServerInfo parameter contains the security settings that COM will use when creating a new instance of the specified object. Note that this parameter does not influence the security settings used when making method calls on the instantiated object. Those security settings are configurable, on a per-interface basis, with the CoSetProxyBlanket function.
