Access is denied when calling a remote serviced component (framework 1.1->1.0 issue)

S

Stan

Here is my scenario:

Web server
------------
Framework 1.1
Application proxy for the serviced component

Component server
-------------------
Framework 1.0
Serviced component (written in 1.0)

There is Access Denied error message on the web server when a call is made
to the component.

The problem goes away if framework 1.1 is uninstalled.

I switched the ISS binding with ASPNET_REGIIS - did not help...

Has anybody seen this before? How can I fix it?

Thanks,

-Stan
 
G

Guest

Web server
The problem goes away if framework 1.1 is uninstalled.

Didn't you install .Net Framework 1.0 to Web server?
There is Access Denied error message on the web server

Where did you get error messages? event log?
If so, could you show us the event including souce, ID, description?
 
S

Stan

The error came back to the web page

Dye Suzuki said:
Didn't you install .Net Framework 1.0 to Web server?


Where did you get error messages? event log?
If so, could you show us the event including souce, ID, description?
 
P

Peter Huang

Hi Stan,

Have you tried my suggestion, I think it is necessary to troubleshooting
the problem, I will appreiciate your efforts.
If you have any concern, please feel free to let me know.

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
S

Stan

Peter, thanks for you reply.

First of all there is nothing in the event log because the error is trapped
by the try-catch block in asp.net and displayed on the page.

When ASP.NET creates the component, the component starts spining in COM+ and
then Access Denied error occurs.

We have bumped into 1.1 - 1.0 compatibility problems in the past but this is
different. What also strange is that another web server with 1.1 and Windows
2003 does not have this problem.

I was just hoping that there is some known issue related to 1.1 - 1.0
(adjusting security policy, for example) .

Thanks,
-Stan
 
P

Peter Huang

Hi Stan,

It is strange that there is no any event log.
I think you may try to see if the policies have been opened.
1. Audit Logon event (check success and failure)
2. Audit Account logon event (check success and failure)
3, Audit Object access(check success and failure)

We may find that by follow the steps below.
Start/Control panel/Administrative Tools/Local Security Policy/
In the Local Security Policy dialog, navigate to Security setting/Local
policies/Audit policy

After that we should find some events in the Security Log in the event log.

You may have a try and let me know the result.

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
G

Guest

In 1.1 when ApplicationAccessControlAttribute is not present in the assembly,
the COM+ security configuration is enabled by default. In 1.0 security is
disabled by default. Maybe this is the problem.
 
S

Stan

Yes, but if security is enabled, should I see that COM+ explorer? The
security checkbox was not checked...
 
P

Peter Huang

Hi Stan,

Yes, we can check the security setting in the COM+ explorer. You may find
the three counterpart options by following the steps below.
1. Open COM+ explorer by running dcomcnfg
2. Navigate to the component we are using
3. right click on the component and click properties
4. select security tab
5. You may find security level, authentication level and Impersonate level
which is corresponding to the three options of
ApplicationAccessControlAttribute.

We can use the winform application but not the Webform application to
access to the Serviced component, so I suggest you check the eventlog's
security section on both the application proxy located computer and the
component located computer. If we do find we are using the same account to
access to the serviced component, but windows form succeeded while webform
application failed I think you may need to contact Microsoft PSS for
further and detailed trouble shooting, since we can not reproduce the
problem, it is hard to us to troubleshooting the problem in newgroup.

Thank for you understanding.

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
S

Steven Cheng[MSFT]

Hi Stan,

Have you had a chance to check the suggestions in the former reply or have
you got this problem resolved? If there is anything else we can help,
please feel free to post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top