DCOM service

DCOM service

DCOM function

The DCOM function in Terminal Server 4.0 is a subset of regular Windows NT Server 4.0 DCOM features. Based on this, some applications that are written in the normal Windows NT Server 4.0 environment, may not function properly on the terminal server. The purpose of this article is what kind of behavior will occur if applications that use DCOM functions.

The following DCOM features can be fully supported on the terminal server:


client behavior (running as any user of the terminal server and through the DCOM The process of calling other machines is not changed.

If there is no direct or indirect involving COM activation process (COGETCLASSOBJECT, COCREATEINSTANCEEX, the process of starting from remote call, etc.), the behavior of the server is not changed. For example, if the interface pointer to the COM object on the terminal server is adjusted and passed to the customer code on another machine, the server-side behavior does not involve the activation process. The occurrence of this behavior is usually the output parameters called as a DCOM method, but there may be other ways. In that case, the callback of the terminal server (now the DCOM server) will be performed as usual (including usual security restrictions). An example of an indirect activation is to resolve to the terminal server machine and cause a binding of file tags that attempt to act directly on the machine.

DCOM activation mode and Terminal Server

When running as a remote customer, the terminal server system will limit in the supported DCOM activation / process start mode. For any given ClassID or APPID, Windows NT's DCOM usually supports four activation / start modes.

acts as an activation party (default): In the Terminal Server, the local process is started by the customer session.

Run as a specified / named user: In the terminal server, the local process is always started by the session 0 (console).

is run as Win32 and Windows NT services: In the terminal server, the service is started by the session 0 (console).

DCOM service

runs as an interactive user: cannot be used in the terminal server.

For the terminal server, only mode 1 ("actuated as an activation party") is fully supported. Patterns 2 and 3 ("As a Specified / Named User Run" and "Run as Win32 and Windows NT Service") Different behaviors are running on the terminal server system, so Microsoft is not recommended or supported. The fourth mode ("As an interactive user runs"), it cannot be run at all on the terminal server.

DCOM and Windows 2000 Terminal Services

Microsoft's goal is to ensure that the above issues can be resolved in Windows 2000. The following is a brief description of the activation mode and its working mechanism for Microsoft Windows® 2000 Terminal Services:

acts as an activation party:

Local activation

server Activated in the same session to which the activation side belongs. This behavior is exactly the same regardless of whether the terminal service is enabled.

Remote Activation:

Enables the activation rules after the terminal service is not enabled. However, the process will start in the window station of the session ID 0 instead of starting in a session corresponding to the user. This is to protect the activation behavior of remote calls. To illustrate the reason for this behavior, it is assumed that the activation process is activated by the session of the user corresponding to the user on Windows 2000 Server (Enabled Terminal Services). If the user logs out, all the window stations and their processes are killed. If the user is logged in from multiple customers from the server, it is decided to exit from a client, and the customer process of other sessions of the user will not be able to see their activation process. Therefore, other sessions will fail. Based on this reason, all processes will start in the window station of session 0. Because session 0 will never be deleted, the remote activation process will continue to work.

As a naming / specified user run:

The application is configured as the specified user runs through the appid in the registry. Local and remote activation is the same.

When the terminal service is enabled, the process will start in a new window station of session 0. In the case of multiple users using the server, subsequent requests will have the same class object. The SID or LUID of the caller has no effect. In the case where a single user uses the server, new activation requests always get a new window station. Even if the same user logs in to the interactive desktop, the activation process will not share the interposer station.

Run as Win32 and Windows NT service:

The application is configured as a service running process via the AppID set.

After the terminal service is enabled, the service is still global, and does not start in a particular session. Depending on the service configuration, they are either started on the service desktop of session 0, and start on the interaction desktop of session 0.

As an interactive user:

application is configured to run in a secure environment of an interactive user.

As mentioned before, Windows NT Server 4.0, Terminal Server Edition does not support remote activation of such servers, which only supports local activation of sessions to sessions. There are two ways to start the process as the interactive user in a state where the terminal service is enabled is in the study. A way to activate the process in another session other than the current session is to use a session "flag." Another possible way is to start the process using the calibration secure credentials. Windows 2000 will provide more detailed information

Related Articles