Re: DCOM security question
- From: changliw@xxxxxxxxxxxxxxxxxxxx ("Charles Wang [MSFT]")
- Date: Thu, 01 May 2008 11:14:05 GMT
Hi Scott,
Regarding cross-domain authentication, there are two types of
authentication mechanisms on Windows: one is Kerberos, the other is NTLM. I
think that your description of "This, at least, allowed for testing from
another domain as long as the UserID and password matched on both domains."
referred to NTLM authentication. That means you can create the same local
user account (USERNAME) with the same password on both of your client and
server machines for NTLM authentication.
Regarding your concern "I did some coding with COAUTHINFO and
COAUTHIDENTITY and was able to get connected. What is missing is the
correlation being these parameters in the COAUTHINFO structure and what is
need on the server in the CoInitializeSecurity call. There are thousands of
possible combinations and what to use in this situation is confusing at
best.", I understand that you would like Microsoft publish some samples for
typical scenarios, right? You can directly click the link "Send comments
about this topic to Microsoft" at the bottom of the article
http://msdn.microsoft.com/en-us/library/ms688552(VS.85).aspx so that our
production team can hear your voice and hope that the related samples will
be produced in the near future.
Now I would like to provide you some articles for your reference:
COM Security Primer, Part I
http://www.codeguru.com/cpp/com-tech/activex/security/print.php/c5555/
COM Security Primer, Part II
http://www.codeguru.com/cpp/com-tech/activex/security/article.php/c5557/
Client-Side Security Programming
http://www.codeguru.cn/VC&MFC/APracticalGuideUsingVisualCandATL/93.htm
COM Security in Practice
http://msdn.microsoft.com/en-us/library/ms810014.aspx
Setting Processwide Security with CoInitializeSecurity
http://msdn.microsoft.com/en-us/library/ms679760(VS.85).aspx
If you have any other questions or concerns, please feel free to let me
know. Have a nice day!
Best regards,
Charles Wang
Microsoft Online Community Support
=========================================================
Delighting our customers is our #1 priority. We welcome your
comments and suggestions about how we can improve the
support we provide to you. Please feel free to let my manager
know what you think of the level of service provided. You can
send feedback directly to my manager at: msdnmg@xxxxxxxxxxxxxx
=========================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
=========================================================
.
- Prev by Date: Re: Problem related to BYTE*
- Next by Date: How do I instantiate a COM object defined in a TLB file?
- Previous by thread: Re: Problem related to BYTE*
- Next by thread: How do I instantiate a COM object defined in a TLB file?
- Index(es):
Relevant Pages
|
