Chapter 9. Applying Security

You learned COM security fairly thoroughly in Chapter 5. However, Chapter 5 discussed COM security in general, without practical hands-on examples. In this chapter, you’ll create a server and a client component that take security into consideration. You’ll develop a typical server application that accounts for the following:

  1. Server-Side COM Security—This section covers the use of COM security on the server side. We will make use of the CoGetCallContext API function and the IServerSecurity interface to learn about the calling client.

  2. Access Token—If you want detailed information about the calling client, you must use platform-specific security support. In Windows NT 4.0, COM uses the NTLM security provider. We will take advantage of NT security to obtain the access token of the caller. Given this access token (and the right to impersonate the caller), we can query nearly everything about the caller. In our exercise, we will obtain the user’s unique security identifier (SID) and the groups to which the user belongs.

  3. Audit Trail—An audit trail allows application servers to log important messages (e.g., security violations) that can be traced and audited. In typical applications, these audit messages are written to text files. However, since the NT event log allows a common facility to log audit or application messages, we will use this facility ...
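As an added example (not code from the book), here is the server-side sequence the chapter outlines: obtain the caller's call context, impersonate the client, read the user SID from the thread token, and revert. The SID-to-string conversion is written portably so it can be checked off Windows; the Windows-only retrieval is guarded by `_WIN32` and assumes it is called from inside a COM method invocation (group membership follows the same pattern with `TokenGroups`).

```cpp
// Added example: caller SID retrieval via CoGetCallContext/IServerSecurity.
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Parse a binary SID (Revision, SubAuthorityCount, 6-byte big-endian
// IdentifierAuthority, then little-endian 32-bit sub-authorities) into the
// textual "S-R-IA-sub1-sub2..." form. Returns "" for a malformed buffer.
std::string SidToString(const uint8_t* sid, size_t len) {
    if (len < 8) return "";
    uint8_t revision = sid[0];
    uint8_t count = sid[1];
    if (len < 8 + 4u * count) return "";
    uint64_t authority = 0;
    for (int i = 0; i < 6; ++i) authority = (authority << 8) | sid[2 + i];
    std::string s = "S-" + std::to_string(revision) + "-" + std::to_string(authority);
    for (uint8_t i = 0; i < count; ++i) {
        const uint8_t* p = sid + 8 + 4 * i;
        uint32_t sub = p[0] | (p[1] << 8) | (p[2] << 16) | (uint32_t(p[3]) << 24);
        s += "-" + std::to_string(sub);
    }
    return s;
}
std::string SidToString(const std::vector<uint8_t>& sid) { return SidToString(sid.data(), sid.size()); }

#ifdef _WIN32
#include <windows.h>
#include <objbase.h>
// Inside a COM method: impersonate the caller, read its SID, then revert.
std::string CallerSidFromCallContext() {
    IServerSecurity* pSec = nullptr;
    if (FAILED(CoGetCallContext(IID_IServerSecurity, (void**)&pSec))) return "";
    std::string result;
    if (SUCCEEDED(pSec->ImpersonateClient())) {
        HANDLE hTok = nullptr;
        // OpenAsSelf=TRUE: open the impersonation token using the server's own rights.
        if (OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, TRUE, &hTok)) {
            DWORD cb = 0;
            GetTokenInformation(hTok, TokenUser, nullptr, 0, &cb);  // size query
            std::vector<uint8_t> buf(cb);
            if (GetTokenInformation(hTok, TokenUser, buf.data(), cb, &cb)) {
                PSID sid = ((TOKEN_USER*)buf.data())->User.Sid;
                result = SidToString((const uint8_t*)sid, GetLengthSid(sid));
            }
            CloseHandle(hTok);
        }
        pSec->RevertToSelf();  // always undo impersonation before returning
    }
    pSec->Release();
    return result;
}
#endif
```

The constructed SID bytes used in the check below decode to the well-known local Administrators group, S-1-5-32-544.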