Configuring COM+ server credentials

When using a Web console server that isn't on the core, or if you want to use domain groups inside the LANDESK Management Suite group on the core server, there is some additional server configuration you must do for Endpoint Manager authentication to work correctly. Remote Web console servers must get database connection information and user information from the core server, but since remote Web console servers use impersonated Web credentials on IIS, they can't communicate with the core server directly.

To solve this issue, the Web console server and core server use a COM+ application to communicate via HTTPS, allowing the Web console server to get core server database and user information. You need to configure this COM+ application on the Web console server to use an account that has the necessary rights, such as the domain administrator account. The account that you provide needs to be in the LANDESK Management Suite group on the core server (this allows it to access core server database connection information), and it needs to have rights to enumerate Windows domain members.

If you're using domain groups inside the core server's LANDESK Management Suite group, Endpoint Manager also needs to be able to enumerate Windows domain members. In this case, you also need to provide an account for the core server's LANDesk1 COM+ application.

To configure the LANDesk1 COM+ application on a core or remote Web console server
  1. Go to the Web server or core server you want to configure.
  2. From the Windows Control Panel's Administrative Tools, open Component Services.
  3. Click Component Services > Computers > My Computer > COM+ Applications.
  4. Right-click the LANDesk1 COM+ application and select Properties.
  5. On the Identity tab, enter the credentials you want to use.
  6. Click OK.