Hello Hugo,

"By the way Christian, I see You know this stuff very well, can you take a look at Message #1029734 to see if you have an idea of what might be happening?"

not really, i've read 3 to 4 pre 1000 page books about COM but that's years ago, and i've never programmed a DCOM application myself.

But i've found a very good article about COM security which seems to contain information that exactly describes your situation.

http://www.codeguru.com/Cpp/COM-Tech/activex/security/article.php/c5555

Here's an excerpt:
---
"One of the errors that newbies often experience when they first begin tinkering with DCOM occurs when they fail to give a remote server process permission to perform callbacks to a client. Suppose a client on machine A launches a COM server on machine B and receives an interface pointer in return. Then that client passes an interface pointer of its own to the server so the server can perform callbacks.

What's wrong with this picture? Nothing, except for the fact that callbacks will only be permitted if the server process is granted access permission to the client process. If the server process is assigned the identity Mister Server, then Mister Server must be granted access permission to the client process. One way to grant that access permission is to have the client process call CoInitializeSecurity. Another way is to include Mister Server (or Everyone) in the client machine's DefaultAccessPermission ACL."
---

This is exactly your situation, you're passing an interface pointer (your object) to the server and then do a QueryInterface (that's the function GETINTERFACE calls under the hood).

So the solution should be to grant access permission on every client for the user account under which your DCOM server process runs.

Regards
Christian