
How do I start an out of process COM server as another (more privileged) user?


I would like to create a COM object that runs in an out of process COM server as another user. How do I do that?

I have control over the COM server source code and my COM client is the only one that will be creating these COM objects.


Solution

  • We use COM+ to run objects as a network user that has certain rights we have given it (mostly to Windows Authentication to a SQL server.) What this doesn't do is control who can call these objects to utilize the security we have given it.

    In Vista and future, there is a COM elevation capability that does exactly what you are looking for. Oh, looks like someone just posted that. Follow the link they left.
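
The answer's caveat, that a fixed identity does not by itself limit who may call the object, can be checked on a given machine. The script below is an added example, not part of the original answer: it lists classic COM AppIDs that have a `RunAs` identity and shows whether each one carries its own launch and access ACLs. It assumes the server is registered under `HKLM:\SOFTWARE\Classes\AppID`; COM+ applications keep their identity in the COM+ catalog and are not covered.

```powershell
# Added example: audit COM servers that run under a fixed identity.
# For every AppID with a RunAs value, print the identity and the
# per-application launch/access security descriptors in SDDL form.
# A missing descriptor means the machine-wide default ACL
# (HKLM:\SOFTWARE\Microsoft\Ole) decides who may launch or call the server.

$root = 'HKLM:\SOFTWARE\Classes\AppID'

function ConvertTo-Sddl {
    param([byte[]]$Bytes)
    if (-not $Bytes) { return '(not set: machine-wide default applies)' }
    try {
        $sd = New-Object System.Security.AccessControl.RawSecurityDescriptor($Bytes, 0)
        return $sd.GetSddlForm([System.Security.AccessControl.AccessControlSections]::All)
    } catch {
        return '(unreadable security descriptor)'
    }
}

Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
    # Keep only {GUID} subkeys; named subkeys such as "server.exe" just map to an AppID.
    Where-Object { $_.PSChildName -match '^\{[0-9A-Fa-f-]{36}\}$' } |
    ForEach-Object {
        $runAs = $_.GetValue('RunAs')
        if ($runAs) {
            [pscustomobject]@{
                AppId            = $_.PSChildName
                Name             = $_.GetValue('')      # default value = friendly name
                RunAs            = $runAs               # account name or "Interactive User"
                LaunchPermission = ConvertTo-Sddl $_.GetValue('LaunchPermission')
                AccessPermission = ConvertTo-Sddl $_.GetValue('AccessPermission')
            }
        }
    } |
    Format-List
```

An entry whose `RunAs` account is more privileged than its callers and whose permissions fall back to the machine-wide default is the case the answer warns about: the ACL, not the identity, is what restricts callers.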