Chat now with support
Chat mit Support

Foglight for Automation Action Packs 5.6.3.8 - Hyper-V ActionPack User Guide

Local Security Settings

All settings in this section are configured using the Local Security Policy console.

1
Open the Windows Control Panel.
2
Go to Administrative Tools.
3
Start the Local Security Policy. The Local Security Settings window opens.

Navigate to Security Settings > Local Policies > Security Options > Network access: Sharing and security model for local accounts. Change the setting to Classic.

This only applies to Windows computers that are not a part of a domain.

Make sure that the user account used has permissions to access, launch, and activate COM/DCOM/Automation objects.

Add the user to the predefined local group: Administrators for Windows XP; or Distributed COM Users for Windows Vista, Windows 2003, Windows 2008, and Windows 7.

If you cannot grant the group permission to the user, do the following:

2
Navigate to Control Panel > Administrative Tools > Local Security Policy > Security Settings > Local Policies > Security Options.
3
Double-click DCOM: Machine Access Restrictions policy. Click Edit Security. Add the user created above. Enable the Remote Access option.
4
Double-click DCOM: Machine Launch Restrictions policy. Click Edit Security. Add the user created above. Enable Local Launch, Remote Launch, Local Activation, and Remote Activation options.
5
Navigate to Control Panel > Administrative Tools > Component Services > Computers. Right-click My Computer, click Properties, and open the COM Security tab.
6
In the Access Permissions section, click Edit Default. Add the user created above. Enable the Remote Access option.
7
In the Launch and Activation Permissions section, click Edit Default. Add the user created above. Enable the Local Launch, Remote Launch, Local Activation, and Remote Activation options.
1
Open Security Settings > Local Policies > Security Options.
2
Disable the User Account Control: Run all administrators in Admin Approval Mode option.

Firewall Settings

Create a rule that allows all incoming traffic for %systemroot%\system32\dllhost.exe.
For Windows Vista, 2003, and 2008: enable COM+ Network Access (DCOM-In) rule for active profile.
3
Enable File and Printer sharing access.
For Windows XP: enable File and Printer sharing exception rule.
For Windows Vista, 2003, and 2008: enable all rules in the File and Printer sharing group for active profile.

Configuration Script

Use the script below to configure the firewall.

1
On the target machine create a file named firewall-config.ps1 with the script listed below.

 

COM and Automation Objects

The COM and Automation objects are required to perform remote tasks on Windows machines that are not configured for remote activation. Therefore additional configuring of the DLL surrogate is required.

Make sure that the Administrator user has Full Control access to the following registry keys:

Use the script below to configure DCOM.

1
Create a file named dcom-config.ps1 that contains the script below on the target machine.
2
Run the script on behalf of the Administrator user using the following command:
runas /user:Administrator powershell -File dcom-config.ps1

 

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen