Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / web / ASP.NET

Problem due to insufficient privileges on Component Services to IIS Users

3.00/5 (5 votes)
24 May 2007CPOL2 min read 1  
When we use COM components in our application sometimes an error occurs stating that the API failed, which is from the COM component. This article will help solve this problem.

Introduction

When we use COM components in our ASP.NET application, some times an error occurs stating that the API failed, which is from the COM component. These types of problems are raised by Code Access Security (CAS) due to insufficient privileges to IIS users.

This article is for solving this problem.

Using the code

When we use COM components in our application, some times an error occurs stating that the API failed, which is from COM component. E.g., when we use the Microsoft Word 11.0 Object Library for opening Word files using Word APIs. In this case, we create an instance of Word, open a document, and count the number of words in it. Here some times an error arises and the API fails.

The reason behind this problem is the error arising in the interaction between Internet Information Services and Component Services. Whenever a request comes to IIS which invokes APIs from COM components, IIS with its IIS User refers to that component which is in Component Services. But due to insufficient privileges of the IIS User on that Component, CAS (Code Access Security) which is part of the Common Language Runtime invokes an error.

CAS grants the rights to an application depending on the security configuration of the machine. But here if the IIS User doesn't have rights over the component, CAS raises a runtime error showing that the API failed and returns a COM Exception.

The Solution over this problem is that we can give permissions to IIS User on the Component.

Following is the process to grant rights for an IIS User on a COM component:

  1. Go to Component Services in Administrative Tools in Control Panel.
  2. Right click on the component which we are going to use.
  3. Go to Security tab and click the Edit button in the "Launch & Activation Permissions" section.
  4. Go to "Group or User names" and click the Add button to add a User in IIS for the component.
  5. Enter a user name like MachineName\UserName of IIS in the given text box.
  6. Click the "Advanced" button if you want to find the IIS user.
  7. After adding that user, it will be displayed in the Security tab.

Give the following permissions from the "Permissions for IIS User" section:

  1. Local launch
  2. Remote launch
  3. Local activation
  4. Remote activation

That's all!

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)