views:

256

answers:

1

We have an asp.net web service running on Windows Small Business Server 2008 SP2 (64-bit). It is in its own application pool. We've tried both Integrated and Classic settings for Managed Pipeline Mode. Enable 32-bit Applications is set to True. It is not able to successfully call a vb6 dll method but a Windows Forms app on the same machine can.

Two vb6 dlls (A and B) are instantiated. The method in A is passed a reference to B as one of its parameters. That method then calls other methods within itself that also require the reference to B.

Those internal method calls in A fail with this vb6 error (the A method logs these errors in the Windows Application event log):

70 (Permission Denied)

Another error is also logged in the Windows System event log:

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {xxx} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

The object in question (a third vb6 component which is an ActiveX EXE) has already been configured using DCOMCNFG (Component Services) with full Launch, Activation, and Access Permissions given to NETWORK SERVICE and even Everyone. Additionally, from Explorer, full control/permissions have been give to all required vb6 components to NETWORK SERVICE (tried Everyone too).

A Windows Forms application on the same machine is able to successfully call the method in A. The same web service works on another machine with a 32-bit OS.

Both the web service and the Forms app have been built with Platform Target set to "x86".

How can we get the web service call to work on the 64-bit machine?

A: 

Is the web service running using any impersonation? If not, it could be worth a try to set the identity in the web.config file to use a dedicated windows account and then make sure this has the launch/execute dcom permissions set.

ca8msm
Web.config file has "<identity impersonate="true" />". In IIS, app pool identity is set to NetworkService. So does this mean it is impersonating or connecting as NetworkService?
blueSnowflake