I have a major problem with one of the applications we use here. Not the best in the world, id even go as far to say it was totally rubbish, but still our company still requires it to be used if people are connecting through SAM.
I have had no problems with other applications working at all, but this one fires up an .exe file which then makes a call to DCOM to fire off an RPC request to the host which can be seen in DNS. I always get an error back saying "Unable to connect to destination host. RPC server is not available". I think this is because its trying to use the DCOM subsystem to make the call to the server, instead of the actual .exe file making the RPC request. This causes SAM not to work, as it expects the actual .exe file to make the connection on the session and not DCOM.
So my question to someone is: Has anyone managed to get RPC over DCOM working for SAM? And "change the application" is not an option
Any pointers would be appreciated.
I have tried adding the hostname of the server, but not the IP address. I did notice that the client does not even try and contact the hostname of the server, even though I can resolve it and DNS is working fine, but I will try adding the IP address instead.
Tried this on a Net Connect role too, and appears to work ok. Its although the SAM application is not capturing the request for DCOM to use RPC.
I will try this and post back.
Tried this out and still does not work. Getting the same windows error message "the dcom subsystem could not connec to server (servername). Check that the server is available blah blah blah"
Using a command prompt resolves the server name ok, and again, using the net connect client then the RPC request gets sent through. I am not sure what I am supposed to see in the SAM client itself. I assume it would be svchost.exe trying to make the call to the server, but I am not seeing anything in the client.
Any advice would be good.
One limitations about WSAM is that it can secure traffic only for applications that rely on Winsock for making network connections, so if your app or RPC or DCOM (whichever is making the actual network calls) does not use winsock then WSAM will not be able to secure traffic. One of ways of finding if winsock is being used is with the help of the tool 'process explorer ' from sysinternals suite. Using this tool you check what dll are being loaded by the application and in the list if you see ws2_32.dll then you know winsock is being used.
This was going to be my next step, just a little busy at the moment. Usually, I would use something like strace on unix to trace out the application so ill get one of these tools installed and then find out what its doing and then let you know.
Ok, changed this message..
the application is using winsock. Also using all the comctl32.ocx files. Next step is to have a look at this with the SAM client active.