|Applies To||RSA ClearTrust 5.5.2 Authorization Server (AServer)|
Microsoft Windows 2000 Server SP4
|Issue||Creating RSA ClearTrust object via DCOM bridge fails with error: "no object for moniker"|
|Cause||Microsoft's fix for the LSASS vulnerability (MS04-011) included changes to the file MSV1_0.dll, effecting changes to NTLM authentication that broke JIntegra's authentication mechanism|
|Resolution||Option 1 (recommended): Apply RSA ClearTrust hot fix 220.127.116.11_dcom, which replaces the JIntegra jar files with updates that correctly handle the changes to NTLM authentication. NOTE: RSA ClearTrust hot fixes are cumulative only for the objects/archives included in the patch. Hot fix 18.104.22.168_dcom is the only hot fix for the DCOM bridge, and must be applied irrespective of other applied ClearTrust patches.|
Option 2: Change default authentication for the DCOM client to 'none' to bypass NTLM authentication:
NOTE: This option disables authentication on all DCOM communication, and is insecure by nature. This option should only be used in a test environment.
|Legacy Article ID||a24138|