COM Security Defaults
You can use the COM security defaults for your application, rather than specifying your own security settings. In that case, COM will initialize and manage security for you. You do not need to configure the registry or call any security functions in your program. It just works.
However, if certain registry named values have been set or modified, the security defaults that COM uses will be affected. The list below describes COM security default values and explains how some values are influenced by registry settings.
These are the default security values that COM uses:
- The default security service provider is the one that is determined by COM to be the best for the environment. For Windows NT 4.0, it is NTLMSSP, the provider that is built into Windows NT. For Windows NT 5.0, COM chooses either Kerberos, NTLMSSP, or SSL.
- The system identifies a caller through user name and password, and automatically creates an identification token used by the security system.
- If the LegacyAuthenticationLevel named value exists and if its value has been set, that value is used. Otherwise, the authentication level is set at connect (RPC_C_AUTHN_LEVEL_CONNECT). This level means that at the first call a client makes to the server, COM does an authentication check. If the client passes the check, no further authentication is done. For Windows NT 4.0 SP4 and Windows NT 5.0, the AuthenticationLevel value can also be set under the AppID key.
- If the LegacyImpersonationLevel named value exists and if its value has been set, that value is used. Otherwise, the impersonation level is set to identify (RPC_C_IMP_LEVEL_IDENTIFY). Impersonation rights are granted by the client to the server. Identify level means that the server can obtain the client's identity. The server can impersonate the client for ACL checking, but cannot access system objects as the client. For more information, see Impersonation Levels and Cloaking.
- If the AccessPermission named value under the AppID key exists and has been set, that value is used. Otherwise, COM checks for a DefaultAccessPermission entry. If present, that value is used. If this value is not present, COM constructs an ACL that grants permissions to the server identity and the local system.
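The following PowerShell audit is an added example, not part of the original documentation: it reads the named values from the list above and reports which setting applies by the fallback rules described there. The registry paths `HKLM:\SOFTWARE\Microsoft\Ole` and `HKLM:\SOFTWARE\Classes\AppID` are the standard Windows locations for these values and are not given on this page; the helper names and the numeric-to-constant maps are this example's own.

```powershell
# Added example: show which COM security defaults are in effect on this machine.
$ole   = 'HKLM:\SOFTWARE\Microsoft\Ole'     # machine-wide values (path not stated on the page)
$appId = 'HKLM:\SOFTWARE\Classes\AppID'     # per-application AppID keys

$authn = @{1='NONE'; 2='CONNECT'; 3='CALL'; 4='PKT'; 5='PKT_INTEGRITY'; 6='PKT_PRIVACY'}
$imp   = @{1='ANONYMOUS'; 2='IDENTIFY'; 3='IMPERSONATE'; 4='DELEGATE'}

function Get-Value($Path, $Name) {
    # Returns $null when the key or the named value does not exist.
    (Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

function Get-LevelName($Map, $Prefix, $Value) {
    # Translate a stored DWORD into its RPC_C_* constant name; keep unknown numbers visible.
    if ($Map.ContainsKey([int]$Value)) { $Prefix + $Map[[int]$Value] } else { "unknown ($Value)" }
}

function ConvertTo-Sddl([byte[]]$Bytes) {
    # Access permission values are stored as binary self-relative security descriptors.
    try   { [System.Security.AccessControl.RawSecurityDescriptor]::new($Bytes, 0).GetSddlForm('All') }
    catch { '<unparseable security descriptor>' }
}

$legacyAuthn = Get-Value $ole 'LegacyAuthenticationLevel'
$legacyImp   = Get-Value $ole 'LegacyImpersonationLevel'
$defAccess   = Get-Value $ole 'DefaultAccessPermission'

$report = @([pscustomobject]@{
    Scope  = 'Machine default'
    Authn  = if ($null -ne $legacyAuthn) { Get-LevelName $authn 'RPC_C_AUTHN_LEVEL_' $legacyAuthn }
             else { 'RPC_C_AUTHN_LEVEL_CONNECT (no registry value)' }
    Imp    = if ($null -ne $legacyImp) { Get-LevelName $imp 'RPC_C_IMP_LEVEL_' $legacyImp }
             else { 'RPC_C_IMP_LEVEL_IDENTIFY (no registry value)' }
    Access = if ($defAccess) { ConvertTo-Sddl $defAccess }
             else { 'ACL constructed by COM: server identity + local system' }
})

# Per-application values under an AppID key take the place of the machine-wide ones.
$report += Get-ChildItem -LiteralPath $appId -ErrorAction SilentlyContinue | ForEach-Object {
    $a = Get-Value $_.PSPath 'AuthenticationLevel'
    $p = Get-Value $_.PSPath 'AccessPermission'
    if ($null -ne $a -or $p) {
        [pscustomobject]@{
            Scope  = $_.PSChildName
            Authn  = if ($null -ne $a) { Get-LevelName $authn 'RPC_C_AUTHN_LEVEL_' $a } else { '(machine default)' }
            Imp    = '(machine default)'
            Access = if ($p) { ConvertTo-Sddl $p } else { '(machine default)' }
        }
    }
}
$report | Format-List
```

Rows whose `Authn` resolves to `CONNECT` are the ones where, as described above, only the first call is authenticated; the SDDL in `Access` shows exactly which principals the stored ACL admits.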