What do the different DCOM / COM security settings mean?

Question

Our application uses COM and DCOM extensively, and so as part of that we need to ensure that the COM security permissions are correctly set up. I know that I can access the

Answer 1

The settings on the security tab is the per-AppID security configuration on registry, and you will find more information on MSDN on this in AppID Key:

AccessPermission Describes the Access Control List (ACL) of the principals that can access instances of this class. This ACL is used only by applications that do not call CoInitializeSecurity.

LaunchPermission Describes the Access Control List (ACL) of the principals that can start new servers for this class.

When a COM client attempts to access COM server, COM subsystem checks client side credentials against these access lists and decides whether to allow access to server, and if server is not yet started, whether to allow its start. Hence, the two lists - for regular access and for new server launch (should it be necessary).

Note that these are per-application settings. Specific classes should have CLSID to APPID mappings on the registry to be properly associated.