0

I 'm fed up trying to instantiate a remote object.

dcomcnfg used, access enabled to all, Windows 7, same workgroup PCs.

CoInitializeEx(0,COINIT_APARTMENTTHREADED);
CoInitializeSecurity(0, -1, NULL, NULL,RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL);
COAUTHINFO ca = {0};
ca.dwAuthnSvc = RPC_C_AUTHN_WINNT;
ca.dwAuthzSvc = RPC_C_AUTHZ_NONE;
ca.dwAuthnLevel = RPC_C_AUTHN_LEVEL_DEFAULT;
ca.dwImpersonationLevel = RPC_C_IMP_LEVEL_IMPERSONATE;
COAUTHIDENTITY id = {0};
ca.pAuthIdentityData = &id;
id.User = (USHORT*)<username>;
id.UserLength = length;
id.Password = (USHORT*)<password>;
id.PasswordLength = pwdlength;
id.Domain = (USHORT*)L"WORKGROUP";
id.DomainLength = 9;
id.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;

COSERVERINFO c = {0};
c.pwszName = L"192.168.10.3";
c.pAuthInfo = &ca;
MULTI_QI res = {0};
res.pIID = &TheIID;
HRESULT hr = CoCreateInstanceEx(TheCLSID,0,CLSCTX_REMOTE_SERVER,&c,1,&res);

Always E_ACCESSDENIED. And by the way, this sample (http://support.microsoft.com/kb/259011) works. But I can't find the source of it.

The server also calls CoInitializeSecurity() with the same levels.

When targetting a Windows XP machine, CoCreateInstanceEx() returns S_OK, but the server isn't created. When targetting Windows 7, E_ACCESSDENIED.

Any clues? Also, the working sample doesn't use U+P. Perhaps I should try an anonymous call?

Michael Chourdakis
  • 10,345
  • 3
  • 42
  • 78

2 Answers2

0

I have it working...

I have some observations on your code sample:

  • you use NULL for SOLE_AUTHENTICATION_LIST in CoInitializeSecurity; I fill that in with the same credentials as for CoCreateInstanceEx

  • you use RPC_C_AUTHN_LEVEL_DEFAULT; I use RPC_C_AUTHN_LEVEL_CONNECT

Hope this helps. And may I suggest you add DCOM as a tag to your question... this will show you DCOM related questions on the side. That helped me also.

    SEC_WINNT_AUTH_IDENTITY authIdent;
    std::wstring domain = string_cast<std::wstring>(commandLineOptions["domain"].as<std::string>());
    std::wstring username = string_cast<std::wstring>(commandLineOptions["username"].as<std::string>());
    std::wstring password = string_cast<std::wstring>(commandLineOptions["password"].as<std::string>());
    authIdent.Domain = reinterpret_cast<unsigned short*>(const_cast<wchar_t*>(domain.c_str()));
    authIdent.DomainLength = wcslen(reinterpret_cast<const wchar_t*>(authIdent.Domain));
    authIdent.User = reinterpret_cast<unsigned short*>(const_cast<wchar_t*>(username.c_str()));
    authIdent.UserLength = wcslen(reinterpret_cast<const wchar_t*>(authIdent.User));
    authIdent.Password = reinterpret_cast<unsigned short*>(const_cast<wchar_t*>(password.c_str()));
    authIdent.PasswordLength = wcslen(reinterpret_cast<const wchar_t*>(authIdent.Password));
    authIdent.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;

    /*
    SOLE_AUTHENTICATION_INFO authInfo[2];
    authInfo[0].dwAuthnSvc = RPC_C_AUTHN_WINNT;
    authInfo[0].dwAuthzSvc = RPC_C_AUTHZ_NONE;
    authInfo[0].pAuthInfo = &authIdent;

    authInfo[1].dwAuthnSvc = RPC_C_AUTHN_GSS_KERBEROS;
    authInfo[1].dwAuthzSvc = RPC_C_AUTHZ_NONE;
    authInfo[1].pAuthInfo = &authIdent;

    SOLE_AUTHENTICATION_LIST authList;
    authList.cAuthInfo = 2;
    authList.aAuthInfo = authInfo;
    */

    SOLE_AUTHENTICATION_INFO authInfo[1];
    authInfo[0].dwAuthnSvc = RPC_C_AUTHN_WINNT;
    authInfo[0].dwAuthzSvc = RPC_C_AUTHZ_NONE;
    authInfo[0].pAuthInfo = &authIdent;

    SOLE_AUTHENTICATION_LIST authList;
    authList.cAuthInfo = 1;
    authList.aAuthInfo = authInfo;


    HRESULT hr = CoInitializeSecurity(
        nullptr,                     // pVoid
        -1,                          // cAuthSvc
        nullptr,                     // asAuthSvc
        nullptr,                     // pReserved1,
        RPC_C_AUTHN_LEVEL_CONNECT,   // dwAuthnLevel,
        RPC_C_IMP_LEVEL_IMPERSONATE, // dwImpLevel,
        &authList,                   // pAuthList,
        EOAC_NONE,                   // dwCapabilities,
        nullptr);                    // pReserved3
racanu
  • 79
  • 1
  • 9
  • Thanks for your answer. It still fails with E_ACCESSDENIED. :( – Michael Chourdakis Jul 23 '12 at 17:25
  • I suppose the user you use in authIdent is defined on the server and you gave it RemoteAccess, RemoteLaunch and RemoteActivate rights. Also, I noticed something else in your code: you used the workgroup as domain. I simply used the server's name because afaik the workgroup does not have anything to do with user credentials. A user may be managed in a domain or on the local computer. Try it and let me know. – racanu Jul 23 '12 at 21:00
  • Oh, and also check that the firewall is not intruding in any way. – racanu Jul 23 '12 at 21:06
  • I managed to make it working, actually it needs the USERNAME to be explicitly allowed "everyone" does NOT include everyone as it seems. Also, it needs CoSetProxyBlanket for all the returned interfaces (and those that you query for later on). – Michael Chourdakis Jul 24 '12 at 15:42
  • I can't say anything abou Everyone... I think it should work but I think it does not include anonymous (non-authenticated) users. What I did in my configuration was to give rights to the Distributed COM Users group and add the user I wanted to this group. The fact that you need to set CoSetProxyBlanket for all returned interfaces indicates that there is something wrong with your CoInitializeSecurity. That's in fact how I discovered that in my case CoInitializeSecurity wasn't called soon enough. – racanu Jul 24 '12 at 21:23
  • I don't call CoInitializeSecurity at all anymore. When I was doing that, nothing worked. – Michael Chourdakis Jul 26 '12 at 07:00
0

i got error class not register on my xp machine while same code run ok on windows server 2003

  IGPM *pGPM = NULL; 
 hr = CoCreateInstance(CLSID_GPM, NULL, CLSCTX_INPROC_SERVER, IID_IGPM , (LPVOID*)&pGPM);
Kiran
  • 3,095
  • 5
  • 23
  • 38
vipin kumar
  • 1