DCOM Configuration Information for Laserfiche Server (Version 7) and Windows XP (Service Pack 2) or Windows Server 2003 (Service Pack 1) or Windows Server 2003 (Release 2).

February 22, 2006 | KB: 1000710
Laserfiche Server - Team (MSDE) 7, Laserfiche Server - United (MS SQL) 7, Laserfiche Server - United (Oracle) 7

Summary

Windows XP (Service Pack 2), Windows Server 2003 (Service Pack 1) and Windows Server 2003 (Release 2) contain more stringent default security settings. In order to use the Laserfiche Server with Windows XP (Service Pack 2), Windows Server 2003 (Service Pack 1) or Windows Server 2003 (Release 2), you may have to turn off the Windows firewall and edit DCOM security settings.

If the firewall must remain turned on, please see the following Laserfiche Knowledge Base article:

1000765 Configuring Laserfiche to be Firewall Compatible.

More Information

You can choose to either manually make sure that the Windows firewall is turned off, that DCOM is enabled, and that DCOM settings are properly configured, or you can use a utility that will automatically perform these steps for you. Click the following link to download the utility:

FW_DCOM.zip

Extract the executable from the zip file and run it on the computer hosting the Laserfiche Server.

Note: This utility has been integrated into the Laserfiche Server 7.2 installation. During the installation, you have the option of running this utility. If you decline to run it during the installation, the utility is still installed in the Laserfiche Server installation folder, allowing you to run it at a later time.

Note: This utility is not currently compatible with Windows Vista. Running this utility on a Windows Vista computer will not correctly configure DCOM security. Please follow the procedure below to manually configure DCOM security.

To manually turn off the Windows firewall

  1. Click Start and then click Control Panel.
  2. Double-click Network Connections.
  3. Select Local Area Connection.
  4. From the File menu, click Properties.
  5. In the Local Area Connection Properties dialog box, click the Advanced tab.
  6. Make sure the Windows firewall is turned off.

    Note: Be aware that turning off the firewall will leave your computer more vulnerable to intrusions.

To manually configure DCOM security

  1. Click Start and then click Run.
  2. In the Run dialog box, type the following and click OK to load the Component Services management console:

    dcomcnfg

  3. Expand Console Root.
  4. Expand Component Services.
  5. Expand Computers.
  6. Click My Computer.
  7. From the Action menu, click Properties.
  8. In the My Computer Properties dialog box, click the COM Security tab.
  9. In the Access Permissions box, click Edit Limits.
  10. If ANONYMOUS LOGON does not appear in the list of user names, click the Add button and add ANONYMOUS LOGON.
  11. For ANONYMOUS LOGON, make sure that Local Access and Remote Access have the Allow check boxes selected.
  12. Click OK to close the Access Permission dialog box.
  13. In the My Computer Properties dialog box's COM Security tab, find the Launch and Activation Permissions section and then click Edit Limits.
  14. If ANONYMOUS LOGON does not appear in the list of trustees, click the Add button and add ANONYMOUS LOGON.
  15. For ANONYMOUS LOGON, make sure that Local Activation and Remote Activation have the Allow check boxes checked.
  16. Click OK to close the Launch Permission dialog box.
  17. In the My Computer Properties dialog box, click the Default Properties tab.
  18. Make sure the Enable Distributed COM on this computer option is selected.
  19. Make sure the Default Authentication Level is set to "Connect."
  20. Make sure the Default Impersonation Level is set to "Identify."
  21. Click OK to close the My Computer Properties dialog box.
  22. In the Component Services management console, expand My Computer.
  23. Expand DCOM Config.
  24. Click Laserfiche 7.x.
  25. From the Action menu, click Properties.
  26. In the Laserfiche 7 Properties dialog box, click the Security tab.
  27. Under Launch and Activation Permissions, select Customize.
  28. Under Launch and Activation Permissions, click Edit.
  29. If ANONYMOUS LOGON does not appear in the list of user names, click Add and add ANONYMOUS LOGON.
  30. For ANONYMOUS LOGON, make sure that the Allow check boxes for Local Activation and Remote Activation are marked.
  31. Click OK to close the Launch Permission dialog box.
  32. Click OK to close the Laserfiche 7 Properties dialog box.
  33. Close the Component Services management console.
  34. Restart the Laserfiche Server 7.x service.

Note: In rare situations, configuring ANONYMOUS LOGON in the previous steps may not be sufficient. You should then also configure the INTERACTIVE and SYSTEM accounts in the same manner.

Note: You must repeat the previous DCOM configuration procedure when upgrading from Laserfiche 7.0.x to 7.1.x and from 7.1.x to 7.2.

To restart the Laserfiche Server 7.x service

  1. Click Start and click Control Panel.
  2. Double-click Administrative Tools.
  3. Double-click Services.
  4. Scroll down and select Laserfiche Server 7.x.
  5. From the Action menu, click Restart.