0 Replies Latest reply on Aug 31, 2018 6:10 AM by husch

    NetworkDirect API: Loading of "NDv2 Provider for Mellanox WinOF-2" requires admin privileges


      Hello everybody,


      I have an issue in my NetworkDirect RDMA application when loading the Mellanox NDv2 provider. It seems as the newer WinOF-2 driver for ConnectX-4 IB HCAs (mlx5nd.dll) requires that the connecting process has adminstrator privileges.

      Because when running my application with normal user privileges, I get an error 0x80070005 (Access denied), whereas this has never been an issue with the older WinOF driver for ConnectX-3 HCAs (mlx4nd.dll).

      Here the failing code sequence from my ndhelper.cpp:


      static HMODULE      g_hProvider  = NULL;

      static IND2Provider g_pIProvider = NULL;


      static HRESULT LoadProvider( __in WSAPROTOCOL_INFOW* pProtocol )


          WCHAR* pPath = ::GetProviderPath( pProtocol ); // %SystemRoot%\System32\mlx5nd.dll

           g_hProvider = ::LoadLibraryW( pPath );

          ::HeapFree( ::GetProcessHeap(), 0, pPath );


          DLLGETCLASSOBJECT pfnDllGetClassObject = reinterpret_cast<DLLGETCLASSOBJECT>(

              ::GetProcAddress( g_hProvider, "DllGetClassObject" )



          DLLGETCLASSOBJECT pfnDllCanUnloadNow = reinterpret_cast<DLLCANUNLOADNOW>(

              ::GetProcAddress(g_hProvider, "DllCanUnloadNow")



          IClassFactory* pClassFactory;


          HRESULT hr = pfnDllGetClassObject(






          if (g_pIProvider == NULL) {

              hr = pClassFactory->CreateInstance(





              if (FAILED(hr)) {

                  TRACE("ClassFactory->CreateInstance(IID_IND2Provider) failed with error 0x%08X", hr); // Without having admin rights, always ending up here!

                  g_pIProvider = NULL;






      Unfortunately, just giving my process admin privileges is not an option for me. So I would appreciate if someone has an idea how to overcome this issue.

      Perhaps some tuning of security configuration via dcomcnfg or the like(?)


      BTW: The Mellanox-provided tools nd_read_bw.exe and nd_write_bw.exe have the same behavior:

      • Those from WinOF driver 5.35 on ConnectX-3 FDR HCA can run WITH or WITHOUT admin privileges.
      • Those from WinOF-2 driver 1.80 on ConnectX-4 EDR HCA can run only WITH admin privileges.



      My system configuration:

      • HPE DL380Gen10
      • ConnectX-4 EDR Infiniband HCA (HPEIB EDR/EN 100Gb 2P 840QSFP28)
      • Windows Server 2012 R2
      • Mellanox WinOF-2 version 1.80


      Thanks and Regards