Using the Windows NT NetDDE Share ManagerLast reviewed: April 4, 1997Article ID: Q114089 |
The information in this article applies to:
SUMMARYBefore applications can share data, they must establish a communication channel called a trusted share. APIs exist for creating Network DDE shares under Windows for Workgroups 3.1x, but applications you write using these APIs cannot communicate when run on Windows NT systems because they can't create trusted shares. The Windows NT DDE Share Manager allows you to create and manage Network DDE shares. This article discusses how to use Share Manager to create a DDE share for an application that runs on Windows NT, rather than rewriting the application.
MORE INFORMATIONThere are two types of DDE applications: source and destination. The DDE source application defines the DDE Share on the system on which it runs and provides data to the DDE destination application. To run the DDE Share Manager, execute DDESHARE.EXE, located in the WINNT\System32 sub-directory. Two shared-folder icons are shown. The first lists all shares on the system and the second (checked) lists the shares trusted by the currently logged on user. To view a share's properties:
A default installation of Windows NT will have three existing shares: Chat$, CLPBK$, and Hearts$.
Step One: Creating a ShareWhen adding a new share, you are required to provide three properties:
The option "Start Application on Connect" lets the destination application initiate a conversation with a source application that isn't running at the moment, although it must be in the system path. If you select the "In Service" option the program must be registered to the Windows NT system as a service, for example Chat. The "Item Security" options control access to the data items within a topic. For some applications, you may need to restrict access to specific items. Under "Item Security" select "Grant access only to these items" and enter the item names. If no restrictions are required, select "Grant access to all items." You can specify permissions for any user known to the NT security system, set up specific permissions for each user who will be accessing the share, and limit a user to specific DDE actions. The default allows everyone read and link permissions. When you select OK, the share is created and the share information is written to the registry in the following location:
\HKEY_LOCAL_MACHINE\Software\Microsoft\NetDDE\DDE Shares\sharename\... Step Two: Trusting the ShareOn the Windows NT system, the Network DDE DSDM service maintains a database of shared conversations. When a Network DDE share is accessed, the shared conversation is referenced and security checks determine if the requester can be granted access. Applications on a computer run in the "security context" of the user who is interactively logged on to the computer, so when a remote request is serviced by a running application on a computer sharing a Network DDE conversation, the application handling the request runs in the security context of the user logged onto the sharing computer, not in the security context of the remote user. This design complicates security issues. If, for instance, a remote user who establishes a Network DDE share and remotely connects to it while someone else is logged on, has the same access privileges to the sharing computer as the logged on user. To avoid this violation, users logged onto the source machine cannot access its applications unless they have this share in their trusted shares list. To add the share to the list of trusted shares, highlight the share name and select "trust share." Select the options that apply in the context of the currently logged on user. The trusted share information is written to the registry in the path:
\HKEY_CURRENT_USER\Software\Microsoft\NetDDE\DDE Trusted Shares |
Additional query words: wfw wfwg prodnt NddeShareAdd NDdeShare
© 1998 Microsoft Corporation. All rights reserved. Terms of Use. |