“DCOM (Distributed Component Object Model) is unlike most Internet applications, which have fixed TCP and UDP ports. DCOM dynamically assigns one TCP port and one UDP port to each executable process serving DCOM objects on a computer. Any client wishing to communicate with objects owned by the server will always connect to the same TCP or UDP port. Clients discover the port associated with a particular object by connecting to and using the services provided by DCOM's Service Control Manager (SCM). The SCM always operates at a fixed network port on every computer; in the Internet case, this is always port 135 for both TCP and UDP. The SCM offers several RPC-based services which handle operations, such as: “create a new COM class object for me and tell me what TCP and UDP port it is on” or “I have an interface pointer. Tell me where I need to go to actually use it”.
DCOM's dynamic port allocation feature offers great flexibility. But unfortunately, because DCOM is free to use any port between 1024 and 65535 when it dynamically selects a port for an application, it is somewhat firewall-unfriendly. Microsoft developers realized this and have implemented a feature that allows you to restrict the range of ports that DCOM will use to assign to applications.
In DCOM, callbacks are not handled on the same connection that is used for client/server method calls. When a server makes a callback to a client, it creates a new connection to the client and sends method calls over the separate channel. DCOM treats callbacks just like any other client/server method call, except that your client is really your server and vice versa.”
“All of the named values listed below are located under the HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet registry key (which you must create). Remember that you only need to do this on the server machine. Clients will automatically pick up the right port numbers when they connect to the SCM on the server machine.”
Name | Type | Value | Description |
---|---|---|---|
Ports | REG_MULTI_SZ | Specify one port range per line. Example: 3000-4000 and/or 5141 | One or more port ranges. The options below determine the meaning of this named value. |
PortsInternetAvailable | REG_SZ | “Y” (don't include quotes) | Always set this to “Y”. |
UseInternetPorts | REG_SZ | “Y” or “N” (don't include quotes) | If this value is set to “Y”, then the Ports named value indicates which ports should be used for DCOM applications. If this value is set to “N”, then the Ports named value indicates which ports should NOT be used for DCOM applications. |
Om de poort vast te zetten op 6333 kan het volgende register bestand geïmporteerd worden:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet] "Ports"=hex(7):36,00,33,00,33,00,33,00,00,00,00,00 "PortsInternetAvailable"="Y" "UseInternetPorts"="Y"
Bronnen:Atempo - Configure DCOM to work with a firewall en MSDN - Using Distributed COM with Firewalls
Zie ook:Microsoft Support - Cannot set a fixed endpoint for a COM+ application