3.4 Configuring DCOM Settings

Configure DCOM settings on the primary Administration server if you did not allow the setup program to configure DCOM for you.

3.4.1 Configuring the Distributed COM Users Group

If you selected to not configure Distributed COM during the DRA installation process, you should update the membership of the Distributed COM Users group to include all user accounts that use DRA. This membership should include the DRA Service Account and all Assistant Admins.

To configure the Distributed COM Users group:

  1. Log on to a DRA client computer as a DRA administrator.

  2. Start the Delegation and Configuration console. If the console does not automatically connect to the Administration server, manually establish the connection.

    NOTE:You may not be able to connect to the Administration server if the Distributed COM Users group does not contain any Assistant Admin accounts. If this is the case, configure the Distributed COM Users group using the Active Directory Users and Computers snap-in. For more information about using the Active Directory Users and Computers snap-in, see the Microsoft Web site.

  3. In the left pane, expand Account and Resource Management.

  4. Expand All My Managed Objects.

  5. Expand the domain node for each domain where you have a domain controller.

  6. Click the Builtin container.

  7. Search for the Distributed COM Users group.

  8. In the search results list, click the Distributed COM Users group.

  9. Click Members in the lower pane, then click Add Members.

  10. Add users and groups that will use DRA. Ensure you add the DRA service account to this group.

  11. Click OK.

3.4.2 Configuring the Domain Controller and Administration Server

After configuring the client computer running the Delegation and Configuration console, you should configure each domain controller and each Administration server.

To configure the domain controller and Administration server:

  1. On the Start menu, click Settings > Control Panel.

  2. Open Administrative Tools, then open Component Services.

  3. Expand Component Services > Computers > My Computer > DCOM Config.

  4. Select MCS OnePoint Administration Service on the Administration Server.

  5. On the Action menu, click Properties.

  6. On the General tab in the Authentication Level area, select Packet.

  7. On the Security tab in the Access Permissions area, select Customize, and then click Edit.

  8. Ensure the Distributed COM Users group is available. If it is not available, add it. If the Everyone group is available, remove it.

  9. Ensure the Distributed COM Users group has Local and Remote Access permissions.

  10. On the Security tab in the Launch and Activation Permissions area, select Customize, and then click Edit.

  11. Ensure the Distributed COM Users group is available. If it is not available, add it. If the Everyone group is available, remove it.

  12. Ensure the Distributed COM Users group has the following permissions:

    • Local Launch

    • Remote Launch

    • Local Activation

    • Remote Activation

  13. Apply the changes.