Creation remote DCOM object fails under IIS 7 with System.UnauthorizedAccessException
I have a problem with creating a remote DCOM object under IIS 7 (Win 2008 64-bit). On the server-side there is WCF service that uses an old DCOM component as Data Source. Everything works fine on the Web Development Server and from tests, but creation remote object fails under IIS 7 with "System.UnauthorizedAccessException: Retrieving the COM class factory for remote component with CLSID {DAF3140A-C132-11D2-85FB-004033D061E9} from machine IP failed due to the following error: 80070005 IP".
I know that there are many articles about 80070005 error, but I've tried everything - without success.
Here is the code snippet how DCOM object is created:
Type objBlType = Type.GetTypeFromProgID("NetCatService.CatalogServer.1", netCatServerAddress, true);
instance = Activator.CreateInstance(objBlType);
I've granted "Everyone" an access to my DCOM object using DCOM Config, I've tried configure IIS application pool to use Network Service account and also granted "Network Service" an access to DCOM - without luck. I've used Procmon tool to find out additional resources which are used but there is nothing interesting.
I have added the following lines in the web.config file, but also without success
<system.web>
<tru开发者_StackOverflow社区st level="Full" />
<identity impersonate="true" password="pass" userName="userName" />
</system.web>
Could you please help me with this problem? Any ideas?
Thanks
I've resolved the issue;
The problem was in DCOM security configuration, I've created a Windows Service to host my application in it and got the same error: "UnauthorizedAccessException". It was a "food for thought".
After that I've done the following steps:
1) configured DCOM security settings to use a Domain Account on the server-side.
2) configured DCOM security settings to use a Domain Account from the step 1 on the client-side.
3) changed Log-On settings in the windows service to use domain account from the step 1
4) checked DCOM Authentication Level in the DCOM security settings both on the client and server sides. Authentication Level should be the same.
To get working application in IIS 7 I've created an application pool and configured it to use Domain Account from the step 1.
精彩评论