Microsoft KB Archive/183607

= How To Configure DCOM for Visual Basic Using DCOMCNFG.EXE =

Article ID: 183607

Article Last Modified on 6/29/2004

-

APPLIES TO


 * Microsoft Visual Basic 5.0 Learning Edition
 * Microsoft Visual Basic 5.0 Professional Edition
 * Microsoft Visual Basic 5.0 Enterprise Edition

-



This article was previously published under Q183607



SUMMARY
This article explains how to use the DCOM configuration utility DCOMCNFG.EXE to configure DCOM for remote client/server applications created using Microsoft Visual Basic 5.0.

Incorrectly setting up security for DCOM client/server applications will typically result in the following errors:

Run-time error '429'

ActiveX component can't create object.

-or-

Run-time error '70'

Permission denied.

This article does not discuss the settings required to enable client access through firewalls. Please contact Microsoft Technical Support to obtain assistance regarding firewalls, proxy servers, or domain controllers.



MORE INFORMATION
The following settings will enable Windows NT or Windows 2000 to communicate with an NT or Windows client and back (assuming that there are no firewalls or proxy servers involved).

To configure your Visual Basic DCOM "Server" on an NT or Windows 2000machine, follow these steps: (Note that DCOMCNFG will only show servers that are EXEs. It will not show DLL servers.)

 Run DCOMCNFG.EXE. From the Applications tab, select the DCOM Server application (which will be represented by its ProgID - a friendly name, such as "Your DCOM Server") or by its CLSID (a GUID - Globally Unique Identifier) such as {5BD7512F-3F2B-11D0-B4D2-02E0C911A7B1}). Double-click the Server application or click the Properties button to view the properties of the server application. Select the Security Tab.  Make the following changes:

IMPORTANT: The following changes will allow anyone at all to launch the server. These settings are just for getting the servers up and running in development mode for debugging purposes. They are not intended for specific DCOM security on a target platform distribution.

  CUSTOM ACCESS PERMISSIONS: Everyone   -allow access System     -allow access Interactive -allow access

CUSTOM LAUNCH PERMISSIONS: Everyone   -allow launch System     -allow launch Interactive -allow launch

 Select the Identity Tab, and then select "The Interactive User."</li> Click OK, and then click OK again.</li></ol>

If your DCOM server is raising events to your clients or using client callbacks, then you will also need to make the following changes to the default settings for your NT or Windows 2000 'Server' machine:

On the NT or Windows 2000 SERVER machine:


 * 1) Using DCOMCNFG.EXE, select the Default Properties Tab.
 * 2) Set the Default Authentication Level to "None."
 * 3) Set the Default Impersonation Level to "Identify."

NOTE: Make sure you test your DCOM application where the client and the server are running under different user accounts.

If your application works at this point, then you should not need to make any configuration settings on the client machines.

If your client is receiving events raised from the server or has enabled the server to call it back, then the following steps might be necessary, depending upon your specific network:

To configure your Visual Basic DCOM "Clients:"

On the NT or Windows CLIENT machines:


 * 1) Using DCOMCNFG, select the Default Properties Tab.
 * 2) Set the Default Authentication Level to "None."
 * 3) Set the Default Impersonation Level to "Impersonate."

On the WIN95 CLIENT machines (if receiving events):


 * 1) Using DCOMCNFG.EXE, select the Default Security Tab.
 * 2) Click Edit Default.
 * 3) Grant Access to "The World" user.

Modifying and setting security settings should be done with caution and awareness. Before modifying security settings, be sure that you understand the security implications involved. The above client settings are only necessary in certain network situations and can be added via setup code to the clients registry. For more information about writing such code see the References section later in this article.

NOTE: DCOM registry keys are intended for Legacy software and not for Proprietary software or programming convenience.

<div class="references_section">