Setting Process-wide Security Through the Registry

If you want to call any of the security functions or interface methods within your application, and are happy to set security process-wide, the simplest thing to do is to use the Dcomcnfg.exe tool to set the security levels you want in the registry. This also works well for existing applications. If you decide to set process-wide security using the registry, do not call CoInitializeSecurity within your program, because COM then uses the values passed to CoInitializeSecurity and ignores the registry values.

For step-by-step procedures on using Dcomcnfg.exe to set process-wide security, see Setting Process-Wide Security Using DCOMCNFG.

If you decide not to use Dcomcnfg.exe to set process-wide security, you can manipulate the registry values directly instead. To control access to a specific application, you can set values in the registry under the AppID key for the application. An AppID is a GUID that represents a server process for one or more classes. Each class is associated with exactly one AppID. AppIDs can be assigned only to EXEs. DLLs do not get AppIDs unless they are running in a surrogate, and then it is the surrogate process that has the AppID. If multiple DLLs are loaded into a surrogate, each surrogate has only one AppID.

There are two named values under the AppID key that you can set without administrator permissions:

The AuthenticationLevel and AccessPermission values are set independently and have separate default values. If the AuthenticationLevel value is not present, the LegacyAuthenticationLevel value is used as the default. Similarly, if the AccessPermission value is not present, the DefaultAccessPermission value is used as the default. However, the AuthenticationLevel and the AccessPermission values are interrelated in the following ways:
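The default fallback described in the paragraph above can be checked per application with a short audit script. This is an added example, not code from the original page or from Microsoft; it assumes the standard registry locations HKLM\SOFTWARE\Classes\AppID\{AppID} for the per-application values and HKLM\SOFTWARE\Microsoft\Ole for the machine-wide defaults, and the GUID shown is a constructed placeholder.

```powershell
# Added example (not from the original page): resolve the effective
# AuthenticationLevel and AccessPermission for one AppID, applying the fallbacks.
param(
    # Constructed placeholder GUID; pass the AppID you want to audit.
    [string]$AppId = '{00000000-0000-0000-0000-000000000000}'
)

$appKey = "HKLM:\SOFTWARE\Classes\AppID\$AppId"   # per-application values
$oleKey = 'HKLM:\SOFTWARE\Microsoft\Ole'          # machine-wide defaults

# Names of the RPC_C_AUTHN_LEVEL_* constants, keyed by their DWORD value.
$levelNames = @{
    0 = 'DEFAULT'; 1 = 'NONE'; 2 = 'CONNECT'; 3 = 'CALL'
    4 = 'PKT';     5 = 'PKT_INTEGRITY';       6 = 'PKT_PRIVACY'
}

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the named value does not exist.
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Resolve-Setting {
    param([string]$Name, [string]$FallbackName)
    # 1. The value under the AppID key wins when it is present.
    $v = Get-RegValue $appKey $Name
    if ($null -ne $v) { return @{ Source = "AppID\$Name"; Value = $v } }
    # 2. Otherwise the machine-wide default is used.
    $v = Get-RegValue $oleKey $FallbackName
    if ($null -ne $v) { return @{ Source = "Ole\$FallbackName"; Value = $v } }
    return @{ Source = 'not set in registry'; Value = $null }
}

$auth = Resolve-Setting 'AuthenticationLevel' 'LegacyAuthenticationLevel'
$acl  = Resolve-Setting 'AccessPermission'    'DefaultAccessPermission'

$levelText = if ($null -eq $auth.Value) { '(none)' } else {
    '{0} ({1})' -f $auth.Value, $levelNames[[int]$auth.Value]
}
# AccessPermission is a binary self-relative security descriptor; show it as SDDL.
$sddl = if ($null -eq $acl.Value) { '(none)' } else {
    [System.Security.AccessControl.RawSecurityDescriptor]::new([byte[]]$acl.Value, 0).GetSddlForm('All')
}

[pscustomobject]@{
    AppId = $AppId; AuthLevelSource = $auth.Source; AuthLevel = $levelText
    AccessSource = $acl.Source; AccessSddl = $sddl
} | Format-List
```

The Source fields show whether each setting comes from the AppID key or from the machine-wide default, which is the first thing to confirm when an application's observed security differs from what was configured for it.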