Security on Windows 95-only Networks

If you have a network of machines running Windows 95, it is important to know whether there is a Windows NT domain in the network. If there is a Windows NT domain, Windows 95 can provide authentication and authorization using a pass-through security mechanism. However, if there is no Windows NT domain in the network, only unsecure calls can be made.

Because the default behavior of COM is to try to make a secure call and then default to an unsecure call, you need to change COM's default behavior before a COM client can successfully call a COM server over a Windows 95-only network. To change this behavior, the following tasks must be done:

• Both the client and server must set the authentication level for call security to be RPC_C_AUTHN_LEVEL_NONE.
• On activation, the client must specify an authentication level of RPC_C_AUTHN_LEVEL_NONE.
• Secure reference counting must be disabled.

For a detailed explanation of these issues, see the MSDN Knowledge Base article Q174024 entitled FAQ: DCOM95 Frequently Asked Questions.