[This is preliminary documentation and subject to change.]
The following tables indicate the result of the authentication process under various conditions using a particular marshaler on a particular platform.
When a user and password is specified on a local connection:
| Marshaler | Source and Destination | Result |
|---|---|---|
| Anonymous pipes | Win95 IPC | Full permission in all cases |
| COM | Win98 IPC | Full permission in all cases |
| DCOM | NT4/5 IPC | Specified user and password are ignored and the current user is assumed regardless. Group memberships are checked as well as any matching __NTLMUser instances. User is denied access if he is not a member of Administrators, WBEM Users, any __NTLMGroup, or does not have a corresponding __NTLMUser instance. |
When a user and password is specified on a remote connection:
| Marshaler | Source and Destination | Result |
|---|---|---|
| DCOM | To Win95 or Win98 | Specified user and password is used for authentication against the domain controller. A corresponding __NTLMUser instance must be present in the CIMOM schema. |
| DCOM | To NT4 or NT5 | Specified user and password is authenticated. Group memberships are checked, as are any matching __NTLMUser memberships. User is denied access if he is not a member of Administrators, WBEM Users, any __NTLMGroup, or does not have a corresponding __NTLMUser instance. |
When no user or password is specified on a local connection:
| Marshaler | Source and Destination | Result |
|---|---|---|
| Anon pipes | Win95 IPC | Full permission in all cases |
| DCOM | Win98 IPC | Full permission in all cases |
| DCOM | WinNT4 or WinNT5 | Current user is assumed. Group memberships are checked and matching __NTLMUser instances. User is denied access if he is not a member of Administrators, WBEM Users, any __NTLMGroup, or does not have a corresponding __NTLMUser instance. |
When no user or password is specified on a remote connection:
| Marshaler | Source and Destination | Result |
|---|---|---|
| DCOM | Win95 or Win98 | Current user is propagated. A corresponding __NTLMUser instance must be present in the CIMOM repository or access is denied. |
| DCOM | WinNT4 or WinNT5 | Current user is assumed. Group memberships are checked and matching __NTLMUser instances. User is denied access if he is not a member of Administrators, WBEM Users, any __NTLMGroup, or does not have a corresponding __NTLMUser instance. |