DefaultAccessPermission

Sets the Access Control List (ACL) of the principals that can access classes for which there is no AccessPermission setting. This ACL is only used by applications that don't call CoInitializeSecurity and do not have an AccessPermission value under their AppID.

Registry Entry

HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\DefaultAccessPermission = ACL

Remarks

The DefaultAccessPermission is a named-value that is set to a REG_BINARY that contains data describing the Access Control List (ACL) of the principals who can access classes for which there is no AccessPermission named-value. In this case, the server checks the ACL described by this value while impersonating the caller that is attempting to connect to the object, and its success determines if the access is allowed or disallowed. If the access-check fails, the connection to the object is disallowed. If this named value does not exist, only the ID of the server and local system are allowed to call the server.

This key supports a simple level of centralized administration of the default connection access to running objects on a machine.

The access-permissions on this key default to the following:

See Also

AccessPermission, Registering COM Servers