AppID Key
Groups the configuration options for one or more DCOM objects into one centralized location in the registry. DCOM objects hosted by the same executable are grouped into one AppID to simplify the management of common security and configuration settings.
Registry Key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AppID_GUID}
| Registry value | Description |
|---|---|
| AccessPermission | Describes the Access Control List (ACL) of the principals that can access instances of this class. This ACL is used only by applications that do not call CoInitializeSecurity. |
| ActivateAtStorage | Configures the client to instantiate objects on the same computer as the persistent state they are using or from which they are initialized. |
| AppID | Identifies the AppID GUID that corresponds to the named executable. |
| AppIDFlags | Configures how a COM server that is configured to run as the "Interactive User" will be launched or bound to by a client in a non-default desktop. |
| AuthenticationLevel | Sets the authentication level for applications that do not call CoInitializeSecurity or for applications that call CoInitializeSecurity and specify an AppID. |
| DllSurrogate | Enables DLL servers to run in a surrogate process. If an empty string is specified, the system-supplied surrogate is used; otherwise, the value specifies the path of the surrogate to be used. |
| DllSurrogateExecutable | Enables DLL servers to run in a custom surrogate process, in conjunction with the DllSurrogate registry value. |
| Endpoints | Configures a COM application to use a specified TCP port number for DCOM communications. |
| LaunchPermission | Describes the Access Control List (ACL) of the principals that can start new servers for this class. |
| LoadUserSettings | Determines whether COM will load the user profile for COM servers running as the launching user application identity. |
| LocalService | Installs an object as a service application. |
| PreferredServerBitness | Sets the preferred architecture, 32-bit or 64-bit, for this COM server. |
| RemoteServerName | Configures the client to request the object be run at a particular computer whenever an activation function is called for which a COSERVERINFO structure is not specified. |
| ROTFlags | Controls the registration of a COM server in the running object table (ROT). |
| RunAs | Configures a class to run under a specific user account when activated by a remote client without being written as a service application. |
| ServiceParameters | Specifies the command-line parameters to be passed to an object installed for use by COM through the LocalService registry value. |
| SRPTrustLevel | Sets the software restriction policy (SRP) trust level for applications. |
Remarks
AppIDs are mapped to executables and classes using two different mechanisms:
- Using a 128-bit Globally Unique Identifier (GUID) that identifies the AppID key. A class indicates its corresponding AppID under the CLSID key in a named value "AppID". This mapping is used during activation.
- Using a named value that indicates an executable name (such as "MYOLDAPP.EXE"). This named value is of type REG_SZ and contains the string representation of the AppID associated with the executable. This mapping is used to obtain the default access permissions and authentication level.
The HKEY_LOCAL_MACHINE\SOFTWARE\Classes key corresponds to the HKEY_CLASSES_ROOT key, which was retained for compatibility with earlier versions of COM.
For COM servers, the mapping is usually generated and written to the registry during the registration process or when running dcomcnfg.exe. However, COM clients that want to set security using the AppID key must create appropriate registry keys and specify the required mapping by calling the registry functions or using Regedit.exe. Then values such as AccessPermission or AuthenticationLevel can be set for the client. For example, suppose the name of your executable for your client process is "YourClient.exe" and you want to set the authentication level to "None". You would use Guidgen.exe or Uuidgen.exe to create the GUID that is the AppID for your executable. Then you would set values in the registry as shown in the following example, where 00000001 represents an authentication level of "None":
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID
{MyGuid}
AuthenticationLevel = 00000001
MyClient.exe
AppID = {MyGUID}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for