How to set up DCOM in a mixed network environment (workgroup and domain)?

V

Vladislav Yaroslavlev2012-08-04 12:20:27

Microsoft

Vladislav Yaroslavlev, 2012-08-04 12:20:27

There is a DCOM component (specifically, the 1C: Astor license manager), we run it on the workgroup computer, let's call it SERVER.
Users use it from domain computers.
If to register the same users with the same passwords on SERVER as local users work normally.
If these users are not on the SERVER computer, or they changed the password in the domain, then we get 0x80070005 (Access denied), which, in principle, is logical. But it is inconvenient: you need to register all users, which means you need to know their passwords and interrupt passwords every time you change passwords.
Is there any way to authorize users from a domain on a computer outside the domain (in a workgroup) or to allow anonymous users?
The "Let Everyone permissions apply to anonymous users" policy is enabled.
Simply put, the question is:
1. Is it possible to provide anonymous users with access to DCOM?
2. Or is it possible to somehow allow a non-domain computer to authorize domain users?
Security is not a concern at this stage, there is no possibility to enter SERVER into the domain.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

R

ryo_oh_ki, 2012-08-05
@ryo_oh_ki

In short, no. And with what the requirement of absence of SERVER in the domain is connected? If it is undesirable to enter a physical computer into the domain, then you can put a virtual machine on it (for example, VMWare), a DCOM server on it and enter only a virtual machine into the domain.

N

Nikolai Turnaviotov, 2012-08-04
@foxmuldercp

About the last point - very strange. inclusion of a server (not a domain controller) into a domain - does not prohibit local accounts.