DCOM configuration
Contents
DCOM configuration
Follow the steps listed in order to enable communication via DCOM.
In case the settings do not match your security requirements, alter the suggested settings accordingly.
DCOMCNFG
DCOM uses security settings in order to protect Clients and Servers from unauthorized access. The security settings may be altered within the Windows application DCOMCNFG. In order to use the program, administrative rights are required.
For Windows 9x systems, DCOMCNFG is not part of the default installation. It needs to be explicitly added.
Select "Run" and type "DCOMCNFG" in order to run DCOMCNFG. A dialog application appears, which permits to do the security settings.
In the table below the settings are listed, that in general work with OPC Servers and OPC Clients.
Parameter | Setting |
Default properties - Authentification Level | None |
Default properties - Impersonation Level | Impersonate |
Default properties - Launch and Activation permissions | Everyone, System, Administrator und Interactive User |
Default properties - Access permissions | Everyone, System, Administrator und Interactive User |
The altered settings are apllied to DCOM applications after restarting the application.
In case the two PCs are not part of the same domain, the same local user should be added to both systems. The password of this OPC User needs to be identical on both PCs.
DCOM and Windows XP
When starting DCOMCNFG in Windows XP, a user interface to configure the component services is started. The user may now get to the DCOM configuration dialog by picking "Component Services | Computers | My Computer" and then displays the properties.
The default installation of Windows XP authentificates users from remote computers as Guest. This means, that DCOM Clients can not connect to a server, as long as the Guest access is not activated and the Guest does not have enough permissions to access the server.
The default behaviour may be changed using the conrol panel
Administrative Tools | Local Security Policy | Local Policies | Security Options | Network access: Sharing and security model for local accounts. Set this to: "Classic - local users authentifcate as themselves".
DCOM und Windows XP SP2
Windows XP SP2 makes a difference in the DCOM configuration between local and remote connections. Please make sure to set the permissions also for the remote access.
For Windows XP SP2 are besides the Start and access permissions also settings for the Start and access restrictions. Per default there is a remote access restriction for the user "Everyone". This restriction needs to be removed, if access needs to be granted to someone.
DCOM and Firewalls
DCOM can not be used via a Firewall. Disable the Firewall to permit a remote communication.