I posted this reply to your question late Wednesday night in the DonNet- Web list. Did any of this help...
Have you gone in and modified each of the audit policies to audit failures to see if anything shows up in the event log? I didn't see in any of the previous posts how the COM+ indentity user is configured locally, i.e. what groups is the user a member of and which User Rights Assigment policies might this user have? Note that depending how you configured the user on the machince could affect it's ability to generate security audits (URA Generate Security Audits) and therefore you may be missing security event log entries. This issue could be file system or registry related (auditing file system failures and regmon would indicate these) but I would bet more on the user missing needed local policies and/or local group membership. I would suspect that using the local Administrator on the machine for the COM+ identity without the IIS impersonation does work but does not solve your problem necessarily. /Chad On Fri, 15 Oct 2004 06:40:14 -0400, Bill Bassler <[EMAIL PROTECTED]> wrote: >I have .Net interop assembly that interacts with a VB 6.0 server. These are >deployed for use from a Win2003/IIS 6.0./ASP.Net web service application. >When I have the VB 6.0 component set to run out-of proc I get an 'Access >denied error'. When I set the component to run in-process it runs fine.And >this makes sense. > >I did some looking around and found that: > >The IIS 6.0 isolation mode is the default IIS WPI. IIS6 WPI mode ignores >the <processModel /> section of machine.config (ASP.NET apps are hosted by >the IIS6 worker processes, not the aspnet_wp.exe process) > >also if ASP.Net impersonates the >account that I typically run the server dll as everything is fine. >For example, if you insert the following line the Web.config file: ><identity impersonate="true" userName="machine\aComponentPrivledgesAccount" >password="pw"/> > >Everything works fine. The problem here is that the password is in plain >view. I realize that the passwords can be stored outside of the config file >using aspnet_setreg.exe but this seems like a really bad hack for the >problem. > >Question: Is there a better way to enable the VB 6.0 interop server to run >out-of -proc? Can I acheive this using only permissions or will need to set >up the site to use IIS 5.0 isolation mode as described below? I don't find >much info on this subject. > >IIS 5.0 isolation mode is also provided for backward compatibility. >When IIS 6.0 is in IIS 5.0 isolation mode, the worker process isolation >architecture of IIS 6.0 is disabled and the process model build into >ASP.NET is used for all ASP.NET applications on the computer. In this mode, >the process model settings are specified through the <processModel> element >of the Machine.config file. > >=================================== >This list is hosted by DevelopMentorŪ http://www.develop.com >Some .NET courses you may be interested in: > >Essential .NET: building applications and components with CSharp >August 30 - September 3, in Los Angeles >http://www.develop.com/courses/edotnet > >View archives and manage your subscription(s) at http://discuss.develop.com =================================== This list is hosted by DevelopMentorŪ http://www.develop.com Some .NET courses you may be interested in: Essential .NET: building applications and components with CSharp August 30 - September 3, in Los Angeles http://www.develop.com/courses/edotnet View archives and manage your subscription(s) at http://discuss.develop.com
