Purchase

HomeSite MapSearchCheckout Buy On-LineContact Us

Product Sections

Main Pages

  

Windows XP DCOM Setup Instructions for SureSync 4.1

SureSync Support : Windows XP & Windows 2003 DCOM Setup

New Features | Features | Add-On Products | Product Literature | System Requirements

This document applies to SureSync 4.

If you are running Windows NT 4.0 or Windows 2000 please click here for setup instructions for your operating system.

If you plan to run the SureSync scheduler as a service you must configure DCOM on the machine which will run the scheduler. This is usually the same machine where you run your SureSync jobs.

The SureSync User Account

DCOM is a component of Windows which allows an application to execute using the file permissions of a specified user. You will need to specify a user for the SureSync components to run under in DCOM before running the scheduler as a service. You will want to select or create this account before beginning configuration of DCOM. The user account must have permissions to access the files you are planning to synchronise. We recommend the use of a domain administrator account. If multiple domains are being used then a trust must exist so the account will be recognised on all machines involved in the synchronisation.

Note: If you are running the SPIAgent add-on you can specify different accounts to access each machine with. In this instance you can specify a local administrator account for SureSync to use in DCOM and then specify different accounts for agents on the remote machines in Tools\Server Settings.

Once you have selected a user account you must specify the advanced user rights of "log on as batch job" and "logon as service" to the chosen identity. For Windows XP and Windows 2003 it is specified by going to Start\Programs\Administrative Tools\Local Security Policy and then going to "Local Policy" and finally "User Rights Assignment."

Component Services

Microsoft has changed the utility used to configure DCOM in Windows XP and Windows 2003. DCOM is now configured using the Component Services utility. You can access this utility by going to "Start > Programs > SureSync > DCOM Configuration". The resulting panel will look like:

DCOM Configuration - Default Security

The first step in DCOM configuration is to specify the Default Access and Default Launch permissions. First click on the "+" to expand "Component Services", then "Computers", and finally "My Computer". Your Component services window should now look like the one below.

To configure "Default Access" and "Default Launch" permissions right click on "My Computer" on the left hand pane and select properties. A window will appear with a number of tabs. Select the tab titled "Default COM Security" as shown below.

Note: Configuring Default Security is not necessary if you choose to specify launch and access permissions for each SureSync component individually. To do this you would go to the "Applications" tab in DCOM which is discussed later in this document, select each of the three SureSync components, go to the "Identity" tab and specify the same rights mentioned below for launch and access permissions. We recommend using Default Security Permissions to make configuration easier.

For both "Default Access" and "Default Launch" the requirements are the same. Click the "Edit Default" button and add the following identities to the list: the built-in account SYSTEM, the built-in account INTERACTIVE, and the account which you selected in "The SureSync User Account" above, and any other user accounts which you plan to launch SureSync under. This process is outlined in the screenshots below.

Note: Some of these identities may already be present. Do not remove identities which are already present unless you're sure no other application is using them. Various programs use DCOM and removing rights could cause problems with applications using those rights.

Click on "Edit Default" and the window shown below will appear.

Click on the "Add" button and the following window will appear.

Click on the "Advanced" button to get to the window below.

Make sure you have selected the right location in the "From this location" field. This should be your domain. Click on the "Find Now" button. This will list accounts available to you. You can select multiple accounts by holding down the Ctrl key and clicking on the account in question.

DCOM Configuration - Default Properties

On the "Default Properties" tab verify that the "Default Authentication Level" is set to "Connect" and that the "Default Impersonation Level" is set to "Identify".

DCOM Configuration - Applications

Warning: Do not attempt DCOM configuration until you have selected a user account as mentioned in "The SureSync User Account" above. Do not attempt to run the scheduler as a service until DCOM configuration has been completed. The scheduler will not run as a service properly until DCOM configuration has been completed. If you have already selected "Configure scheduler to run as a service" under Tools\Options in SureSync please uncheck that option can click apply before continuing.

To configure the SureSync components in DCOM click on the plus to the left of "DCOM Config" to branch out the DCOM components on your system. Scroll down the list until you see components starting with the characters "SPI". You will need to configure "SPIAlrtM.SPIAlertServer", "SPISureSyncFile4.SPIFileSync", and "SPISureSyncSched3.SPIScheduler". You also need to configure "SPISyncRun.SPISyncJob" if you are planning on using the SyncRun command line utility to run synchronisations.

To configure, simply right click on the first component and select properties, then select the "Identity" tab on the window that appears, select "This user", and then click the "browse" button to find your chosen identity. It must appear in the list for the correct domain or configuration will not be possible. Once found, click "Add" and then click "OK" to save it. You must then type the correct password for this identity into both password boxes and click "OK" to save your changes. Repeat the process for the remaining two components.

Note: If you chose to specify launch and access permissions on the component level instead of using Default Security as mentioned earlier in this document you would specify it on the "Security" tab for each component.

Windows XP and Windows 2003 will validate the account when you click "apply". If the username or password is incorrect you will get an error. Also remember that when the password for this identity changes, you will need to re-configure each application.

Completing Configuration

Now that DCOM configuration is completed, start SureSync and select "Options" from the "Tools" menu. Then on the "General" tab check "Configure Scheduler to run as a service" and click "Apply". You should then receive a message stating that the service was successfully installed. Once this is done bring up services in Windows and start the "SureSync Scheduler Start" service.

Congratulations! You have completed DCOM configuration and set the scheduler to run as a service. The scheduler should now automatically run after a reboot of your machine. It will also stay running when no one is logged into the machine.

Problems

Improperly configured DCOM entries can yield some unobvious errors. If you get errors like "cannot connect to filesync object", you should review your DCOM information. 

If you suspect DCOM problems, always check the Windows System Event log for DCOM messages. These will commonly show as "permission denied", "access denied", "unknown user", etc. SureSync may or may not reflect this information in the Job Log.

Contacting Support

If you continue to have problems, please do not hesitate to contact our technical support department for assistance. Click here to contact our Technical Support Team.

  

  

Legal Policy  •  Privacy Policy  •  Site Feedback  
Copyright © 2010 by Open Seas (UK) Ltd. All Rights Reserved. Contact Us.