The copyright owner that is granting the License.Describes the best practices, location, values, and security considerations for the DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax security policy setting. "Licensor" shall mean the copyright owner or entity authorized by "License" shall mean the terms and conditions for use, reproduction,Īnd distribution as defined by Sections 1 through 9 of this document. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION If you have some feedback or something isn´t working correctly - feel free to create an issue in the GitHub-repository. Newer versions will be tested in the future though.Īlthough the feature set is mostly complete (based on what can be done with DComPerm) there might be still some room for improvement. Although I do not expect any issues with Puppet 7 and up there is no warranty it will work as expected.
This module has been only tested on Puppet 5 so far.DComPerm requires at least Vista / Server 2008.This module is limited by the features that the DComPerm-tool offers.workaround #2: remove the user / group from DCOM-config by hand.workaround #1: create new hash element with the user / group marked as 'ensure: absent'.a user / group can be added through this module, the removal however won´t happen automatically when removing them from the nested hash.Predefined (default) user / groups can´t be changed.# manages the activation and launch permissions for an app # manages the access permissions for an app String ] levelĭefault : undef Classes # main class Class # ensures that the DComPerm.exe is present within the TEMP-path Class Defined resources # manages the launch identity of an app
Then - depending on what you need - just call the defined resources from your module like that: dcom : :identity $' ] appID In order to use it you need to include the main class first, which will then ensure that the DComPerm.exe will be copied into the TEMP-folder of the system. The extended version can be found here: Setup In order to do that the dcom module uses an extended version of a tool called "DComPerm" whose soure code can be found in the Windows SDK. It can help you out with the following things: manage the user identity of the app it should be launched as, manage the user access permissions, manage the local / remote launch & activation permissions. This module manages the user / group assignments in the DCOM configuration for Windows apps.Ĭhanging those DCOM settings usually means to do it by hand, complex self-written scripts.or by using this module!
0 kommentar(er)
