StarShip & Windows XP Service Pack 2 (SP2) What is XP SP2? Windows XP Service Pack 2 (SP2) is designed to better defend against viruses, worms, and hackers. Its enhanced security infrastructure offers increased manageability and control for Windows XP users. How does this impact StarShip? The increased security measures of XP SP2 block communication within the following StarShip components: StarShip GTC FedEx Atom Server (FedEx Basic) FedEx Ship Manager Server (FedEx High Volume) Please review and complete the following steps immediately after installing Windows XP SP2 (also applies to 2003 Server Service Pack 1). Note: If you are NOT shipping with FedEx, you may skip steps 5 & 6. ALL USERS, however, must continue with Step 7 to complete the configuration changes. A list of common error messages can be found on the last page of this document. StarShip GTC: The following configuration changes are necessary to ensure unint errupted GTC connectivity. On the PC that has the GTC loaded do the following steps: 1. Open up the firewall for DCOM At the RUN command type: firewall.cpl or go to Start > (All) Programs > Accessories > System Tools > Security Center > click the Firewall icon.
2. Click the Exceptions Tab then click ADD PORT Within the Add Port window: a. For NAME type in RPC PORT b. For PORT NUMBER type in 135 c. Leave TCP checked
3. Click Change Scope and you will get the following window: a. Click My network (subnet) only b. Click OK to apply changes c. Click OK to add the port to the exceptions list 4. Again, on the Exceptions tab, click Add Program to open the following window.
Click BROWSE and navigate to the GTC folder. Find COMCONNCOOR.EXE in the Browse window, select it, then click OK. This returns you to the ADD A PROGRAM screen.
Click CHANGE SCOPE to get the following window: Click the My network (subnet) only radio button then click OK. NOTE: The Windows Firewall Security Alert dialog box will appear on the screen to ask the user to unblock 'comconncoor.exe' if the GTC is not set in the exception list. If you ship FEDEX and use the ATOM SERVER (internet) - Go to step 5 If you ship FEDEX and use the FSM SERVER (high volume) - Go to step 6 If you DO NOT ship FEDEX - Skip to step 7
5. If you are using the FedEx ATOM SERVER do the following: a. Back on the EXCEPTIONS TAB click ADD PORT b. In the Name field type AtomServer c. In the Port field type 8190 d. Select TCP e. Click Change Scope... f. Select My Network (subnet) only g. Click OK to apply Scope changes h. Click OK to add the port to the exceptions list i. Click OK to exit the Windows Firewall screen j. CONTINUE WITH STEP 7
6. If you are using the FedEx Ship Manager Server (FedEx High Volume) do the following: a. On the EXCEPTION TAB, Click Add Port b. In the Name field type FXRS c. In the Port field type 2000 d. Make sure TCP is selected e. Click Change Scope... f. Select My Network (subnet) only g. Click OK to apply Scope changes h. Click OK to add the port to the exceptions list i. Click OK to exit the Windows Firewall screen j. CONTINUE WITH STEP 7
ALL USERS: 7. Click START > RUN, type DCOMCNFG and click OK. This will open the Component Services screen: a. Double click COMPONENT SERVICES to expand b. Double click COMPUTERS c. Right click MY COMPUTER and select Properties. 8. In the Properties window, click the COM SECURITY tab. There are 2 sections for editing permissions, Access Permissions & Launch and Activation Permissions. In the first section, click Edit Limits.
9. In the Access Permissions window: a. Click Add, type ANONYMOUS LOGON and click OK b. Make sure all permissions are checked (select allow) c. Click Add again, type Everyone and click OK d. Make sure all permissions are checked (select allow) e. Click OK to apply changes 10. Under Access Permissions section, click Edit Default. Add the Everyone user as explained in steps c, d and e above.
11. Under the Launch and Activation Permissions section, click Edit Limits. In the Launch Permission window: a. Click Add, type ANONYMOUS LOGON and click OK b. Make sure all permissions are checked (select allow) c. Click Add again, type Everyone and click OK d. Make sure all permissions are checked (select allow) e. Click OK to apply changes 12. Still under Launch and Activation Permissions, click Edit Default. Add the Everyone user as explained in steps c, d and e above.
13. This will bring you back to the main Component Services screen. a. Under COMPONENT SERVICES > COMPUTERS, Double click MY COMPUTER b. Click DCOM Config c. Right click DCOM Config and change the View to Detail d. Look for the GTC entry. It will be named: ComConnCoor.ClsGetMyServices GenericTransactionCoordinator(GTC) Or will be listed under Application ID {5ACDC32F-A18F-4E0E-BB91-F3FEF71E909E}
e. Right click the entry and choose Properties f. This will bring up the properties screen for the GTC. Click on the Security Tab. There are 3 sections for editing permissions: Launch and Activation Permissions, Access Permissions & Configuration Permissions.
14. Under the Launch and Activation Permissions section, click Edit In the Launch Permission window: a. Click Add, type ANONYMOUS LOGON and click OK b. Make sure all permissions are checked (select allow) c. Click Add again, type Everyone and click OK d. Make sure all permissions are checked (select allow) e. Click OK to apply changes
15. Under the Access Permissions section, click Edit In the Access Permission window: a. Click Add, type ANONYMOUS LOGON and click OK b. Make sure all permissions are checked (select allow) c. Click Add again, type Everyone and click OK d. Make sure all permissions are checked (select allow) e. Click OK to apply changes Common Error Messages: The error 'Object is required' will appear if the user does not have the rights to activate and launch the GTC. Error code 70 will be returned if ANONYMOUS LOGON is not permitted to access the GTC. V-Technologies LLC. 61 Mattatuck Heights. Waterbury, CT 06705 Phone: 800.462.4016. www.vtechnologies.com. Fax: 203.574.1979