Click or drag to resize

EOLE_AUTHENTICATION_CAPABILITIES Enumeration

Specifies various capabilities when initializing COM security.

Namespace:  ShellBoost.Core.Utilities
Assembly:  ShellBoost.Core (in ShellBoost.Core.dll) Version: 1.8.3.0
Syntax
C#
[FlagsAttribute]
public enum EOLE_AUTHENTICATION_CAPABILITIES
Members
  Member nameValueDescription
EOAC_NONE0 Indicates that no capability flags are set.
EOAC_MUTUAL_AUTH1 If this flag is specified, it will be ignored. Support for mutual authentication is automatically provided by some authentication services.
EOAC_STATIC_CLOAKING32 Sets static cloaking. When this flag is set, DCOM uses the thread token (if present) when determining the client's identity.
EOAC_DYNAMIC_CLOAKING64 Sets dynamic cloaking. When this flag is set, DCOM uses the thread token (if present) when determining the client's identity.
EOAC_ANY_AUTHORITY128 This flag is obsolete.
EOAC_MAKE_FULLSIC256 Causes DCOM to send Schannel server principal names in fullsic format to clients as part of the default security negotiation. The name is extracted from the server certificate.
EOAC_DEFAULT2048 Tells DCOM to use the valid capabilities from the call to CoInitializeSecurity. If CoInitializeSecurity was not called, EOAC_NONE will be used for the capabilities flag.
EOAC_SECURE_REFS2 Authenticates distributed reference count calls to prevent malicious users from releasing objects that are still being used. If this flag is set, which can be done only in a call to CoInitializeSecurity by the client, the authentication level (in dwAuthnLevel) cannot be set to none.
EOAC_ACCESS_CONTROL4 Indicates that the pSecDesc parameter to CoInitializeSecurity is a pointer to an IAccessControl interface on an access control object. When DCOM makes security checks, it calls IAccessControl::IsAccessAllowed. This flag is set only by the server.
EOAC_APPID8 Indicates that the pSecDesc parameter to CoInitializeSecurity is a pointer to a GUID that is an AppID. The CoInitializeSecurity function looks up the AppID in the registry and reads the security settings from there. If this flag is set, all other parameters to CoInitializeSecurity are ignored and must be zero. Only the server can set this flag.
EOAC_DYNAMIC16 Reserved.
EOAC_REQUIRE_FULLSIC512 Causes DCOM to fail CoSetProxyBlanket calls where an Schannel principal name is specified in any format other than fullsic. This flag is currently for clients only.
EOAC_AUTO_IMPERSONATE1024 Reserved.
EOAC_DISABLE_AAA4096 Causes any activation where a server process would be launched under the caller's identity (activate-as-activator) to fail with E_ACCESSDENIED. This value, which can be specified only in a call to CoInitializeSecurity by the client, allows an application that runs under a privileged account (such as LocalSystem) to help prevent its identity from being used to launch untrusted components.
EOAC_NO_CUSTOM_MARSHAL8192 Specifying this flag helps protect server security when using DCOM or COM+. It reduces the chances of executing arbitrary DLLs because it allows the marshaling of only CLSIDs that are implemented in Ole32.dll, ComAdmin.dll, ComSvcs.dll, or Es.dll, or that implement the CATID_MARSHALER category ID. Any service that is critical to system operation should set this flag.
EOAC_RESERVED116384 Reserved.
See Also