5.1 Security Considerations for Implementers

Clients can invoke methods of this interface at the "none" authentication level as defined by [MS-RPCE]. Server implementations have to be designed with careful consideration given to the security implications of accepting method calls from unauthenticated clients. Server implementations can reject methods invoked by unauthenticated clients by returning RPC_S_ACCESS_DENIED (0x00000005).

The R_QMGetRTQMServerPort method is an exception to the above consideration since clients can invoke R_QMGetRTQMServerPort prior to configuring security for the RPC binding. For this reason, server implementations do not restrict access to the R_QMGetRTQMServerPort method.