|
DCOM
for XP SP2 Setup Tutorial - Step 2
Limits in DCOM Security within DCOM Config
This setup step is only required on the computer where your OPC server is running.
The second step requires you to go to the Windows Start button and click Run.
Open the Component Services tree as shown below.
Right Click on My Computer Icon and choose properties
The dialog above will open. Click on the COM Security tab to configure the default
DCOM settings for this PC
The new components with XP SP2 are the two Edit limit buttons shown above.
The critical action here is to add Anonymous Logon for both Access and Launch
Permissions or opcenum.exe will not work and your OPC client will not be able to
browse for remote OPC servers on the affected machine.
The reason for this is that OPCEnum.exe (which is an OPC Foundation supplied
application), is written to initialize security to allow Anonymous connections - it does not look for specific users.
Both Access and Launch Permissions must be set to allow everything. Subsets of
Everyone can be used but must not be more restrictive than the settings set found
under the Edit Default buttons for both Access and Launch Permissions or they will override them.
Note: If you have, or are using a web-based OPC client hosted on a webserver for example, then you should
add the user-account that your webserver/web-application uses. The default account that IIS uses is:
IUSR_<your computer name>
Click Edit Limits under both Access and Launch Permissions then add the users
as shown below. You may also have additional users included based on your user specific application requirements.
Notes:
- Also make sure that the advanced user and group settings have the right
usernames and groups added to allow the Other PC's to connect
|
