BUG: Activating Visual Basic Component with Interface Forwarding When Security Is Enabled (230385)


The information in this article applies to:

  • Microsoft COM+ 1.0
  • Microsoft Visual Basic Professional Edition for Windows 6.0
  • Microsoft Visual Basic Enterprise Edition for Windows 6.0
This article was previously published under Q230385

SYMPTOMS

When a Visual Basic component is compiled several times because of interface changes, and this is installed in a COM+ application with a role(without permissions) assigned to the component, method calls on this component result in error 800706be ("The remote procedure call failed") when actually "Permission Denied" should appear.

RESOLUTION

There are two ways to work around this problem:
  • Activate the object as: 
    dim obj as YourObject
set obj = CreateObject("...")
    and not as:
    dim obj as new YourObject
call obj.Method
    -or-

  • Recompile the client after the component is recompiled.

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

Steps to Reproduce this Behavior

  1. Compile a Visual Basic component and set binary compatibility. Make interface changes to the component by adding a new Sub, and recompile it again. This means that a new IID is created every time the old IID gets a "forward" key pointing to the new IID.
  2. Install this component in a COM+ application.
  3. Create two roles in the application: Role1 with "Everyone" as users, Role2 with a user without permissions.
  4. Assign Role2 to the component by clicking properties on the component and on the Security tab, and select the check box for Role2.
  5. Call methods on the component. The expected result is "Permission Denied".
If you have not recompiled your client after recompiling the component, you may get error 800706be. This happens when you have activated the object as follows: 
dim obj as new YourObject
call obj.Method  (you will get error 800706be !)

However, you will get the correct result, "Microsoft VBScript runtime (0x800A0046) Permission denied" if you call the object as follows: 
dim obj as Object
set obj = CreateObject("...")
call obj.Method

If you recompile the client, you can create the object either way and get the correct result (Permission Denied).

NOTE: If you are using Microsoft Visual C++ and query IID_IDispatch for the new IID, you will get the proper result (Permission Denied) when you call the method. But if you query for the old IID, and you expect forward referencing to work and call the method, you will get the unexpected error 800706be ("The remote procedure call failed").

All the above methods work if Role1 is assigned to the component (so the user has access) or if security is not enabled.
Modification Type:MajorLast Reviewed:10/15/2002
Keywords:kbBug kbDSupport kberrmsg kbSecurity KB230385
©2002 Microsoft Corporation. All rights reserved.