Ensure that the Server service and Remote Registry service are running on the workstation where the COM server resides.
All settings in this section are configured using the Local Security Policy console.
1 |
Open the Windows Control Panel. |
2 |
Go to Administrative Tools. |
3 |
Navigate to Security Settings > Local Policies > Security Options > Network access: Sharing and security model for local accounts. Change the setting to Classic.
This only applies to Windows computers that are not a part of a domain.
• |
Add the user to the predefined local group: Administrators for Windows XP; or Distributed COM Users for Windows Vista, Windows 2003, Windows 2008, and Windows 7. |
If you cannot grant the group permission to the user, do the following:
1 |
Create a local user in the Users group. |
2 |
Navigate to Control Panel > Administrative Tools > Local Security Policy > Security Settings > Local Policies > Security Options. |
3 |
Double-click DCOM: Machine Access Restrictions policy. Click Edit Security. Add the user created above. Enable the Remote Access option. |
4 |
Double-click DCOM: Machine Launch Restrictions policy. Click Edit Security. Add the user created above. Enable Local Launch, Remote Launch, Local Activation, and Remote Activation options. |
5 |
Navigate to Control Panel > Administrative Tools > Component Services > Computers. Right-click My Computer, click Properties, and open the COM Security tab. |
6 |
In the Access Permissions section, click Edit Default. Add the user created above. Enable the Remote Access option. |
7 |
In the Launch and Activation Permissions section, click Edit Default. Add the user created above. Enable the Local Launch, Remote Launch, Local Activation, and Remote Activation options. |
1 |
2 |
Disable the User Account Control: Run all administrators in Admin Approval Mode option. |
1 |
• |
Create a rule that allows all incoming traffic for %systemroot%\system32\dllhost.exe. |
• |
For 64-bit systems only: create a rule that allows all incoming traffic for %systemroot%\SysWOW64\dllhost.exe. |
• |
For Windows Vista, 2003, and 2008: enable COM+ Network Access (DCOM-In) rule for active profile. |
3 |
Enable File and Printer sharing access. |
• |
For Windows XP: enable File and Printer sharing exception rule. |
• |
For Windows Vista, 2003, and 2008: enable all rules in the File and Printer sharing group for active profile. |
Use the script below to configure the firewall.
1 |
On the target machine create a file named firewall-config.ps1 with the script listed below. |
2 |
Run the script with Administrator’s privileges using the following command: powershell -File firewall-config.ps1 |
© ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center