DCOM security issue
-
Hello, using the code below I am trying to authorize the user "Valid\User1" to create a COM object of "TestServiceSecurity" from a remote machine. The code runs fine, that is, it does not throw any kind of error, but it still does not give authorization to "User1". Can anybody help me with this? Thanks in advance. ************************************************************************************************************************* BOOL bDaclPresent = FALSE; BOOL bDaclDefaulted = FALSE; DWORD dwError = 0; DWORD dwSize = 0; EXPLICIT_ACCESS ea; PACL pacl = NULL; PACL pNewAcl = NULL; PSECURITY_DESCRIPTOR psd; SC_HANDLE schManager = NULL; SC_HANDLE schService = NULL; SECURITY_DESCRIPTOR sd = {0}; SERVICE_STATUS_PROCESS ssp; DWORD dwBytesNeeded; PSID sid; schManager = OpenSCManager(0, 0, SC_MANAGER_CONNECT); if (schManager == NULL) DisplayError(GetLastError(), TEXT("OpenSCManager")); schService = OpenService(schManager , "TestServiceSecurity",SC_MANAGER_ALL_ACCESS); if (schService == NULL) DisplayError(GetLastError(), TEXT("OpenService")); psd = (PSECURITY_DESCRIPTOR)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSize); // Get the current security descriptor. BOOL bResult = QueryServiceObjectSecurity(schService, DACL_SECURITY_INFORMATION, psd, 0, &dwSize); if (!bResult) { if (GetLastError() == ERROR_INSUFFICIENT_BUFFER){ psd = (PSECURITY_DESCRIPTOR)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSize); if (psd == NULL){ DisplayError(0, TEXT("HeapAlloc")); // note HeapAlloc does not support GetLastError() } bResult = QueryServiceObjectSecurity(schService, DACL_SECURITY_INFORMATION, psd, dwSize, &dwSize); if(!bResult) DisplayError(GetLastError(), TEXT("QueryServiceObjectSecurity")); } else DisplayError(GetLastError(), TEXT("QueryServiceObjectSecurity")); } // Get the DACL. bResult = GetSecurityDescriptorDacl(psd, &bDaclPresent, &pacl, &bDaclDefaulted); if (!bResult) DisplayError(GetLastError(), TEXT("GetSecurityDescriptorDacl")); // Build the ACE. 
BuildExplicitAccessWithName(&ea, TEXT("Valid\\User1"), COM_RIGHTS_EXECUTE, SET_ACCESS, NO_INHERITANCE); dwError = SetEntriesInAcl(1, &ea, pacl, &pNewAcl); if (dwError != ERROR_SUCCESS) DisplayError(d