Cross Domain DCOM Access Denied [0x00000005]

sfuser001
2010-09-22
2013-01-29
  • sfuser001

    sfuser001 - 2010-09-22

    Hi,

    I am getting an Access denied  message when trying to access a COM server in domain A from a client in domain B. In addition to the config mentioned here the user connecting to the remote COM  server is a member of local Administrators group.

    What else could be causing this?

    Full stack trace attached:

    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.common.JISystem logSystemPropertiesAndVersion
    INFO: j-Interop Version = j-Interop 2.08
    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.common.JISystem logSystemPropertiesAndVersion
    INFO: java.runtime.name = Java(TM) SE Runtime Environment
    sun.boot.library.path = C:\Program Files\Java\jre6\bin
    java.vm.version = 17.0-b16
    java.vm.vendor = Sun Microsystems Inc.
    java.vendor.url = http://java.sun.com/
    path.separator = ;
    java.vm.name = Java HotSpot(TM) 64-Bit Server VM
    file.encoding.pkg = sun.io
    sun.java.launcher = SUN_STANDARD
    user.country = US
    sun.os.patch.level = Service Pack 2
    java.vm.specification.name = Java Virtual Machine Specification
    user.dir = D:\foo
    java.runtime.version = 1.6.0_21-b06
    java.awt.graphicsenv = sun.awt.Win32GraphicsEnvironment
    java.endorsed.dirs = C:\Program Files\Java\jre6\lib\endorsed
    os.arch = amd64
    java.io.tmpdir = C:\DOCUME~1\usr\LOCALS~1\Temp\1\
    line.separator =
    java.vm.specification.vendor = Sun Microsystems Inc.
    user.variant =
    os.name = Windows 2003
    sun.jnu.encoding = Cp1252
    java.library.path = D:\foo\lib
    java.specification.name = Java Platform API Specification
    java.class.version = 50.0
    sun.management.compiler = HotSpot 64-Bit Server Compiler
    os.version = 5.2
    user.home = C:\Documents and Settings\usr
    user.timezone = America/Los_Angeles
    java.awt.printerjob = sun.awt.windows.WPrinterJob
    file.encoding = Cp1252
    java.specification.version = 1.6
    java.class.path = A_v0.4_20100922_1133.jar
    user.name = usr
    java.vm.specification.version = 1.0
    java.home = C:\Program Files\Java\jre6
    sun.arch.data.model = 64
    user.language = en
    java.specification.vendor = Sun Microsystems Inc.
    awt.toolkit = sun.awt.windows.WToolkit
    java.vm.info = mixed mode
    java.version = 1.6.0_21
    java.ext.dirs = C:\Program Files\Java\jre6\lib\ext;C:\WINDOWS\Sun\Java\lib\ext
    sun.boot.class.path = C:\Program Files\Java\jre6\lib\resources.jar;C:\Program Files\Java\jre6\lib\rt.jar;C:\Program Files\Java\jre6\lib\sunrsasign.jar;C:\Progra
    m Files\Java\jre6\lib\jsse.jar;C:\Program Files\Java\jre6\lib\jce.jar;C:\Program Files\Java\jre6\lib\charsets.jar;C:\Program Files\Java\jre6\classes
    java.vendor = Sun Microsystems Inc.
    file.separator = \
    java.vendor.url.bug = http://java.sun.com/cgi-bin/bugreport.cgi
    sun.io.unicode.encoding = UnicodeLittle
    sun.cpu.endian = little
    sun.desktop = windows
    sun.cpu.isalist = amd64
    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.core.JIComOxidRuntime$ServerPingTimerTask run
    INFO: Running ServerPingTimerTask !
    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.core.JIComOxidRuntime$ClientPingTimerTask run
    INFO: Running ClientPingTimerTask !
    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.core.JISession createSession
    INFO: Created Session: -752387925
    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.common.JISystem saveDBPathAndLoadFile
    INFO: progIdVsClsidDB file located at: jar:file:/D:/foo/A_v0.4_20100922_1133.jar!/progIdVsClsidDB.properties
    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.common.JISystem saveDBPathAndLoadFile
    INFO: progIdVsClsidDB: {*********** deleted **********}
    Sep 22, 2010 11:37:57 AM org.jinterop.dcom.common.JISystem internal_dumpMap
    INFO: mapOfHostnamesVsIPs: {}
    Sep 22, 2010 11:37:57 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending BIND
    Sep 22, 2010 11:37:57 AM rpc.DefaultConnection processIncoming
    INFO:
     Recieved BIND_ACK
    Sep 22, 2010 11:37:57 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending AUTH3
    Sep 22, 2010 11:37:57 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending ALTER_CTX
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processIncoming
    INFO:
     Recieved ALTER_CTX_RESP
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending REQUEST
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processIncoming
    INFO:
     Recieved FAULT
    ERROR 22 Sep 2010 11:37:58,034 [main] (JInteropAPIClient.java:120) - Unable to create COM Class Api.
    com.mycompany.api.client.APIException: org.jinterop.dcom.common.JIException: Access is denied, please check whether the [domain-username-password] are correct. Also, if not already done please check the GETTING STARTED and FAQ sections in readme.htm. They provide information on how to correctly configure the Windows machine for DCOM access, so as to avoid such exceptions.  [0x00000005]
            at com.mycompany.api.client.jinterop.JInteropAPIClient.createApiClass(JInteropAPIClient.java:107)
            at com.mycompany.api.client.jinterop.JInteropAPIClient.login(JInteropAPIClient.java:118)
            at com.mycompany.api.client.jinterop.JInteropAPIClient.init(JInteropAPIClient.java:52)
            at com.mycompany.tool.task.SimpleTaskRunner.<init>(SimpleTaskRunner.java:35)
            at com.mycompany.tool.task.Main.main(Main.java:80)
    Caused by: org.jinterop.dcom.common.JIException: Access is denied, please check whether the [domain-username-password] are correct. Also, if not already done please check the GETTING STARTED and FAQ sections in readme.htm. They provide information on how to correctly configure the Windows machine for DCOM access, so as to avoid such exceptions.  [0x00000005]
            at org.jinterop.dcom.core.JIComServer.init(JIComServer.java:572)
            at org.jinterop.dcom.core.JIComServer.initialise(JIComServer.java:481)
            at org.jinterop.dcom.core.JIComServer.<init>(JIComServer.java:414)
            at com.mycompany.api.client.jinterop.JInteropAPIClient.createApiClass(JInteropAPIClient.java:101)
            ... 4 more
    Caused by: rpc.FaultException: Received fault. (unknown)
            at rpc.ConnectionOrientedEndpoint.call(ConnectionOrientedEndpoint.java:141)
            at rpc.Stub.call(Stub.java:113)
            at org.jinterop.dcom.core.JIComServer.init(JIComServer.java:568)
            ... 7 more
    Sep 22, 2010 11:37:58 AM org.jinterop.dcom.core.JISession createSession
    INFO: Created Session: 529432844
    Sep 22, 2010 11:37:58 AM org.jinterop.dcom.common.JISystem internal_dumpMap
    INFO: mapOfHostnamesVsIPs: {}
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending BIND
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processIncoming
    INFO:
     Recieved BIND_ACK
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending AUTH3
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending ALTER_CTX
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processIncoming
    INFO:
     Recieved ALTER_CTX_RESP
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processOutgoing
    INFO:
     Sending REQUEST
    Sep 22, 2010 11:37:58 AM rpc.DefaultConnection processIncoming
    INFO:
     Recieved FAULT
    ERROR 22 Sep 2010 11:37:58,237 [main] (APIUtils.java:77) - com.mycompany.api.client.APIException: org.jinterop.dcom.common.JIException: Access is denied, please check whether the [domain-username-password] are correct. Also, if not already done please check the GETTING STARTED and FAQ sections in readme.htm. They provide information on how to correctly configure the Windows machine for DCOM access, so as to avoid such exceptions.  [0x00000005]
    Sep 22, 2010 11:37:58 AM org.jinterop.dcom.core.JISession postDestroy
    INFO: About to destroy links for Session: -752387925 , size of which is 0
    Sep 22, 2010 11:37:58 AM org.jinterop.dcom.core.JIComOxidRuntime destroySessionOIDs
    INFO: destroySessionOIDs for session: -752387925
    Sep 22, 2010 11:37:58 AM org.jinterop.dcom.core.JISession postDestroy
    INFO: About to destroy links for Session: 529432844 , size of which is 0
    Sep 22, 2010 11:37:58 AM org.jinterop.dcom.core.JIComOxidRuntime destroySessionOIDs
    INFO: destroySessionOIDs for session: 529432844
    
     
  • Vikram Roopchand

    Hi,
         Can you show the connection code (JIComServer) here ?

    thanks,
    best regards,
    Vikram

     
  • sfuser001

    sfuser001 - 2010-09-23

    This is the call to JIComServer:

    JIComServer comserver = new JIComServer(JIProgId.valueOf(className)
                            .getCorrespondingCLSID(), remoteServer, session);
    

    The session is create previously where the domain, user and password are set with the credentials of a valid user in Domain A (where the COM Server resides).

    The code works fine when the remote machine is in the same domain. Let me know if you need any additional info.

    Thanks for your time and effort.

     
  • Vikram Roopchand

    Hi,
         I would like to see the logs at FINEST level.If you are hesitant in posting them here you can mail them to my SF Id.

    thanks,
    best regards,
    Vikram

     
  • sfuser001

    sfuser001 - 2010-09-23

    The stack trace in the original post is with:

    JISystem.getLogger().setLevel(Level.ALL);
    

    Not sure what other logs I need to include. Thanks.

     
  • sfuser001

    sfuser001 - 2010-09-23

    On an related how do I get j-interop to hit specific ports on the COM server? Is this confirgurable with j-interop?

     
  • Vikram Roopchand

    The logs are coming at INFO level. I don't think the setting had any impact.

     
  • Vikram Roopchand

    Specific Ports can be configured by COM itself. Please have a look at DCOMCnfg and then your specific COM server via that. If you are going to use Callbacks (events) then we need to change j-Interop as it picks up any free port available for starting it's COM runtime and not from a range.

     
  • sfuser001

    sfuser001 - 2010-09-23

    OK so what do I need to do to set the log level to FINEST?

     
  • sfuser001

    sfuser001 - 2010-09-23

    Emailed log with FINEST level to vikramrc@users.sourceforge.net

     
  • sfuser001

    sfuser001 - 2010-09-23

    Sent you another email with differences in the log output of when it works (2 computers in same domain) and when it doesn't (2 computers in different domains).  Any help is greatly appreciated.

     
  • aditi

    aditi - 2013-01-29

    Sir, i m having SAME problem..
    please help me..

    i tried everything..for exception=> Access is denied, please check whether the [domain-username-password] are correct. Also, if not already done please check the GETTING STARTED and FAQ sections in readme.htm. They provide information on how to correctly configure the Windows machine for DCOM access, so as to avoid such exceptions. [0x00000005]

    ->I also set permission for WBEM locator..
    ->my firewall is off
    ->Remote registry and server services are on
    ->setautoregistration flag is on
    ->component services edit default done..

    Please help me ..
    I want to open excel.Application on remote host and it is also installed...
    Expecting for reply soon..

    Regards,
    Aditi

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks