Issue with getting DCOM APP permission via PowerShell and WMI call

This topic contains 2 replies, has 2 voices, and was last updated by Profile photo of Petr Poleshko Petr Poleshko 2 months, 3 weeks ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #45232
    Profile photo of Petr Poleshko
    Petr Poleshko
    Participant

    Howdy,
    In DCOM there is an app called: SMS Agent Host with AppID: {AD65A69D-3831-40D7-9629-9B0B50A93843}
    I added new user Domain\User to the Launch and Activation Permission section with following settings:
    Local Launch = Allow
    Remote Launch = Deny
    Local Activation = Allow
    Remote Activation = Deny

    I used this code below to get the current list of users who are configured with Allow and Deny permissions for this App:

    (Get-WmiObject -Class Win32_DCOMApplicationSetting -Filter "AppId='{AD65A69D-3831-40D7-9629-9B0B50A93843}'" -EnableAllPrivileges).GetAccessSecurityDescriptor().Descriptor.DACL.Trustee.Name

    And the problem is that i always receive a list without the user i added:

    Administrators
    SYSTEM
    INTERACTIVE
    LOCAL SERVICE
    NETWORK SERVICE
    TERMINAL SERVER USER
    Administrators
    SYSTEM
    INTERACTIVE
    NETWORK SERVICE
    LOCAL SERVICE
    TERMINAL SERVER USER

    The question is: How can i get the FULL list of users who has any permissions for the DCOM APP in "Launch and Activation Permission" section?

    #45410
    Profile photo of Don Jones
    Don Jones
    Keymaster

    GetLaunchSecurityDescriptor()?

    #45536
    Profile photo of Petr Poleshko
    Petr Poleshko
    Participant

    Hi,
    Greatest thanks ever 🙂 sometimes you can look through the code for hours but won't notice a mistake 🙂

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.