473,325 Members | 2,828 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,325 software developers and data experts.

Error instantiating a COM+ proxy

I have a two tier system.

I've created a COM+ package on the data tier (Win2003) and exported it as a
COM+proxy (v 1.0 compliant) and installed this onto a Win2000 web
application.

I've created a simple VB6 application that I run on the web tier to call a
method on the proxy stub and this successfully runs on the data tier.

However, I've attempted to create an ASP page that does exactly the same
thing and it falls over.

err.description: Permission denied
err.number: 70

I presume that this is a permissions problem for the anonymous web user. Is
it that the web user can't access the Proxy stub, or is it a permissions
thing on the data tier?

Any advice would be most welcome

Thanks

Griff
Jan 13 '06 #1
12 6780
Try giving rights to the COM object in dcomcnfg (from Start---run)

Ray at work

"Griff" <Ho*****@The.Moon> wrote in message
news:e1*************@TK2MSFTNGP15.phx.gbl...
I have a two tier system.

I've created a COM+ package on the data tier (Win2003) and exported it as
a COM+proxy (v 1.0 compliant) and installed this onto a Win2000 web
application.

I've created a simple VB6 application that I run on the web tier to call a
method on the proxy stub and this successfully runs on the data tier.

However, I've attempted to create an ASP page that does exactly the same
thing and it falls over.

err.description: Permission denied
err.number: 70

I presume that this is a permissions problem for the anonymous web user.
Is it that the web user can't access the Proxy stub, or is it a
permissions thing on the data tier?

Any advice would be most welcome

Thanks

Griff

Jan 13 '06 #2
> Try giving rights to the COM object in dcomcnfg (from Start---run)

Sorry, not got this to work....what I tried was as follows:

1 - I ran dcomcnfg on the web tier (the one with the proxy)
2 - I selected the class ID in the list of applications {A89..}
3 - I went to the tab "Default Security"
4 - In the second box "Default Launch Permissions" I set the following:

Add user "IUSR_^servername^ = Allow Launch

5 - I tried the web page again .... same "permission denied" error

Griff

Jan 13 '06 #3
You may need...
....permissions at the file level for the DLL or whatever
is exposing that com object.

The latest service pack to XP as well as many of microsofts
patches are tightening up and not giving the developer as many
freedoms as we once had (which is a good thing).

Let me know if the file permissions resolved the issue.

D.
Griff wrote:
Try giving rights to the COM object in dcomcnfg (from Start---run)

Sorry, not got this to work....what I tried was as follows:

1 - I ran dcomcnfg on the web tier (the one with the proxy)
2 - I selected the class ID in the list of applications {A89..}
3 - I went to the tab "Default Security"
4 - In the second box "Default Launch Permissions" I set the following:

Add user "IUSR_^servername^ = Allow Launch

5 - I tried the web page again .... same "permission denied" error

Griff


Jan 13 '06 #4
"Griff" <Ho*****@The.Moon> wrote in message
news:e1*************@TK2MSFTNGP15.phx.gbl...
I have a two tier system.

I've created a COM+ package on the data tier (Win2003) and exported it as
a COM+proxy (v 1.0 compliant) and installed this onto a Win2000 web
application.

I've created a simple VB6 application that I run on the web tier to call a
method on the proxy stub and this successfully runs on the data tier.

However, I've attempted to create an ASP page that does exactly the same
thing and it falls over.

err.description: Permission denied
err.number: 70

I presume that this is a permissions problem for the anonymous web user.
Is it that the web user can't access the Proxy stub, or is it a
permissions thing on the data tier?

Any advice would be most welcome

Under Windows 2003 only members of the <machine>\Distributed COM Users group
is allowed to access any COM+ objects from a remote computer. There are
various approaches to solving the problem. You could add the name of the
remote user to this group, or you can change the default COM Security
permissions to allow Everyone access.

On the Windows 2003 server, bring up your Component Services control panel
applet and right click on "My Computer". Choose the Com Security tabe and
add "Everyone" both local and remote access.

HTH

Brian
Jan 13 '06 #5
> You may need...
...permissions at the file level for the DLL or whatever
is exposing that com object.


The web (Win2000) and data (Win2003) servers are not in a domain, and there
is no TRUST relationship between them.

I added the permission you mentioned to the DLL in the web\c$\program
files\complus\{a9832.....}\myDLL.dll - no luck.

I'll write up my full setup in a reply to Brian Muth (in this same thread)

Thanks

Griff


Jan 16 '06 #6
Hi Brian

Thanks for the reply - unfortunately it did not work.....

What I will attempt to do is to set out the full set of security permissions
and state what does and does not work. Hopefully, for those in the know, it
will be obvious what my mistake is.

SET UP
Web tier = Win2000
Data tier = Win2003
These servers are NOT in a domain and there is no trust relationship between
these servers. They are effectively "stand alone".

COM+ APPLICATION
Package installed on DATA tier and exported as a proxy (COM+ 1.0 format).
This is installed on the WEB tier.

WHAT DOES WORK
Logging on as the WEB TIER administrator, I can run an executable that calls
this proxy COM+ application. It successfully executes on the DATA tier.

WHAT DOES NOT WORK
Opening up a web browser to run an ASP page that does exactly what the
executably in the previous step did. Error is: 70, Permission denied.

PERMISSIONS ON THE WEB TIER
From Component Services control panel, myComputer properties, Default
security:
Default access permissions: [blank]
Default launch permissions: IUSR_WEB "Allow defaultLaunchPermission"

From Component Services control panel, COM+ Applications, myPackage
properties
Only property is the IP address of the DATA tier on the Activation tab

From Component Services control panel, COM+ Applications, myPackage,
myComponent properties
All greyed out

C:\Program Files\ComPlus Applications\{A8....}\myDLL.dll
I tried to explicitly give IUSR_WEB explicit EXECUTE permissions, but this
had no effect, so I removed it.

PERMISSIONS ON THE DATA TIER
From Component Services control panel, myComputer properties, COM security
tab:
Access permissions (default): EVERYONE & SELF (local and remote access),
SYSTEM (local access)
Access permissions (limits) : ANONYMOUS LOGON, DISTRIBUTED COM USES,
EVERYONE ( local & remote access)
Launch and activation permissions (default): ADMINISTRATORS, EVERYONE,
INTERACTIVE, SYSTEM (local launch, remote launch, local activation, remote
activation)
Launch and activation permissions (limits): ADMINISTRATORS, DISTRIBUTED COM
USERS, EVERYONE (Local & remote launch, local & remote activation).

From Component Services control panel, COM+ Applications, myPackage
properties
Security: enforce access checks for this application; perform access checks
at the process and component level; authentication level (packet);
impersonation level (impersonate)
Identity: This user (DATA\Administrator)
Activation: Server

From Component Services control panel, COM+ Applications, myPackage,
myComponent properties
Transactions support: not supported
Security: nothing ticked
Activation: don't force activation context
Concurrency: required

The actual DLL is held on the D drive and it's security is: Administrators
(Full control); System (Full control); USERS (Read & Execute)

Not sure what else to try.....

Griff
"Brian Muth" <bm***@mvps.org> wrote in message > Under Windows 2003 only
members of the <machine>\Distributed COM Users group
is allowed to access any COM+ objects from a remote computer. There are
various approaches to solving the problem. You could add the name of the
remote user to this group, or you can change the default COM Security
permissions to allow Everyone access.

On the Windows 2003 server, bring up your Component Services control panel
applet and right click on "My Computer". Choose the Com Security tabe and
add "Everyone" both local and remote access.

HTH

Brian

Jan 16 '06 #7
Is "Roles" something that I should be investigating (or at least users
within the CREATEOWNER role)? I'm not familiar with roles....

Griff
Jan 16 '06 #8
Oh, missed out the following:

On DATA tier, added EVERYONE to the [Distributed Com Users] Group, but to no
avail.

Griff
Jan 16 '06 #9
Hmmm

On the web tier I temporarily added the "IUSR_Server" to the Windows
Administrators group and it didn't help. Not sure what this tells me - does
it tell me that the permission denied error is on the DATA tier?

All help appreciated in this one

Griff
Jan 17 '06 #10
You can always tell directly what permission is being denied if you turn on
logon auditing in your local security settings.

HTH

Brian
Jan 17 '06 #11
Solved it.

Because the two machines are NOT in the same domain, authentication is not
passed around using SIDs but by encrypted username and password.

The context that the application is being run under (on the WEB tier) is of
course the IUSR_Server user. By default, IIS controls the password for
IUSR_Server.

What I had to do was to create a user on the DATA tier "IUSR_Server" and
give that a password of "1234" (for example). On the web tier, I then had
to stop IIS controlling the password and change it to "1234". After that,
everything worked.

Well, it did in our test environment. Yet to try it on our production
environment, but fingers crossed!

Anyhow, thanks for everyone's help in this.

Griff
Jan 18 '06 #12
>
Because the two machines are NOT in the same domain....


Ah, a key piece of information missing from your posts.

Glad you solved it!

Brian
Jan 18 '06 #13

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: Wayno | last post by:
My php logs are coming up empty. I have done all I can think of, and all that made sense to me. Can someone take a look at my php.ini please and tell me what you think may be the problem. I...
1
by: SrDhUS | last post by:
I get the following error when I try to add a web reference using Web Reference Dialog (VS .Net 2003) Error "The proxy settings on this computer are not configured correctly for web discovery."...
7
by: Jorgen Haukland, Norway | last post by:
Hi, I have created a Java webservice which runs in IBM WebSphere appserver. I take the WSDL-file and create a VS.NET WinForm application and calls the service running on my PC and everything...
4
by: Sebastián::PJ | last post by:
I'm trying to reach a web service outside my organization and this is what I get. Where do I have to write the Proxy credentials? TIA -- Check my blog out at: http://sgomez.blogspot.com
7
by: John Grandy | last post by:
My ASP.NET Web Service project has a Web Method that returns an array filled with instances of a custom class. The custom class is defined in a Class Library that is included in the web-service...
6
by: jasn | last post by:
Hello I am getting the following error message when I try and send an XML sting to a web service, I read somewhere that most web services prefer ascii and some throw errors when using unicode so...
1
by: manfred | last post by:
Hi Together, I tried to build a webservice proxy using a wsdl, generated in the sun/java world. I used the .Net 2003 Version, choosing there VC++. The steps I did: 1. Visual C++ Projekte /...
3
by: Monty | last post by:
OK, I had an issue with this and found lots of advice that did not apply, so I'm posting what I found hoping it might help someone else. Here's the sitch: you have a COM app that calls to a .Net...
3
by: Lance Wynn | last post by:
Hello, I am receiving this error when trying to instantiate a webservice component. I have 2 development machines, both are XP sp2 with VS 2008 installed. On one machine, the code works fine. On...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.