Article ID: 321893 - Last Review: June 23, 2005 - Revision: 3.2

INFO: Default Settings in DCOMCNFG for IIS 4.0

View products that this article applies to.
This article was previously published under Q321893
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspx (http://www.microsoft.com/technet/security/prodtech/IIS.mspx)

On This Page

Expand all | Collapse all

SUMMARY

This article describes the default settings in distributed COM configuration (DCOMCNFG) on a computer that is running Microsoft Windows NT 4.0 Server with Internet Information Server (IIS) 4.0 installed.
Back to the top

MORE INFORMATION

To open the distributed COM configuration properties, type DCOMCNFG at a command prompt.
Back to the top

Applications Tab

IIS Admin Crypto Extension

The following are the default settings for the IIS Admin Crypto Extension application. To verify these settings, select IIS Admin Crypto Extension on the Applications tab, and then click Properties.
  • On the General tab, Authentication Level is set to Default.
  • On the Location tab, the Run application on this Computer check box is selected.
  • On the Security tab, Use default access permissions, Use default launch permissions, and Use custom configuration permissions are selected.
  • For Custom Configuration Permissions, Full Control permissions are set for Administrators, Creator Owner, and System, and Read permissions are set for Everyone.

    NOTE: To view these permissions, click Edit.
  • On the Identity tab, The System Account (services only) is selected.
  • On the Endpoints tab, Default system protocols is listed.

IIS WAMREG Admin Service

The following are the default settings for the IIS WAMREG Admin Service application. To verify these settings, select IIS WAMREG Admin Service on the Applications tab, and then click Properties.
  • On the General tab, Authentication Level is set to Default.
  • On the Location tab, the Run application on this Computer check box is selected.
  • On the Security tab, Use default access permissions, Use default launch permissions, and Use custom configuration permissions are selected.
  • For Custom Access Permissions, Allow Access permissions are set for System, Administrator, Everyone, and Interactive.

    NOTE: To view these permissions, click Edit.
  • For Custom Launch Permissions, Allow Launch permissions are set for System, Administrators, Interactive, and Everyone.

    NOTE: To view these permissions, click Edit.
  • For Custom Configuration Permissions, Full Control permissions are set for Administrators, Creator Owner, and System, and Read permissions are set for Everyone.

    NOTE: To view these permissions, click Edit.
  • On the Identity tab, The System Account (services only) is selected.
  • On the Endpoints tab, Default system protocols is listed.

IIS Admin Service

The following are the default settings for the IIS Admin Service application. To verify these settings, select IIS Admin Service on the Applications tab, and then click Properties.
  • In the Applications dialog box, select IIS Admin Service, and then click Properties.
  • On the General tab, Authentication Level is set to Default.
  • On the Location tab, the Run application on this Computer check box is selected.
  • On the Security tab, Use custom access permissions, Use custom launch permissions, and Use custom configuration permissions are selected.
  • For Custom Access Permissions, Allow Access permissions are set for Interactive, System, Administrator, and Everyone.

    NOTE: To view these permissions, click Edit.
  • For Custom Launch Permissions, Allow Launch permissions are set for Interactive, System, Administrators, and Everyone.

    NOTE: To view these permissions, click Edit.
  • For Custom Configuration Permissions, Full Control permissions are set for Administrators, Creator Owner, and System, and Read permissions are set for Everyone.

    NOTE: To view these permissions, click Edit.
  • On the Identity tab, The System Account (services only) is selected.
  • On the Endpoints tab, default system protocols is listed.

Web Application Manager

The following are the default settings for the Web Application Manager application. To verify these settings, select Web Application Manager on the Applications tab, and then click Properties.
  • On the General tab, the Authentication Level is set to Default.
  • On the Location tab, the Run application on this Computer check box is selected.
  • On the Security tab, Use custom access permissions, Use custom launch permissions, and Use custom configuration permissions are selected.
  • For Custom Launch Permissions, Allow Launch permissions are set for System and Everyone.

    NOTE: To view these permissions, click Edit.
  • For Custom Configuration Permissions, Full Control permissions are set for Administrators, Creator Owner, and System, and Read permissions are set for Everyone.

    NOTE: To view these permissions, click Edit.
  • On the Identity tab, This User is selected and that the specified user is IWAM_<computername>.NOTE: Do not change the password if the IWAM account is already specified. If another user account is specified, you must reset the IWAM password. For additional information about how to reset the IWAM password, click the article number below to view the article in the Microsoft Knowledge Base:
    296851  (http://support.microsoft.com/kb/296851/EN-US/ ) PRB: Error 'User Password/Validation Failed' When You Set IIS 5.0 Application to High (Isolated)
  • On the Endpoints tab, default system protocols is listed.
Back to the top

Default Properties Tab

The following are the default settings for the Default Properties tab:
  • The Enable Distributed COM on this computer check box is selected.
  • Default Authentication Level is set to Connect.
  • Default Impersonation Level is set to Identify.
Back to the top

Default Security Tab

The following are the default settings for the Default Security tab:
  • For Default Access Permissions, Interactive, System, IUSR_<computername>, and IWAM_<computer> are set to Allow Access.

    NOTE: To view these settings, click Edit Default.
  • For Default Launch Permissions, Administrators, IUSR_<computername>, IWAM_<computername>, Interactive, and System are set to Allow Launch.

    NOTE: To view these settings, click Edit Default.
  • For Default Configuration Permissions, Administrators, Creator Owner, and System have Full Control permissions, and Everyone has Read permissions.

    NOTE: To view these settings, click Edit Default.
Back to the top

Default Protocols Tab

The following are the default settings for the Default Protocols tab. To view these settings, click the Default Protocols tab, and then locate DCOM Protocols. The following are listed:
  • Datagram UDP/IP
  • Datagram IPX
  • Connection-oriented TCP/IP
  • Connection-oriented SPX
  • Connection-oriented NetBEUI
  • Connection-oriented Netbios over IPX
Back to the top
APPLIES TO
  • Microsoft Internet Information Server 4.0
Back to the top
Keywords: 
kbinfo KB321893
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations