Promotic

Configuration of the DCOM interface for OPC-DA server

The fundamentals of remote access to OPC-DA server by means of DCOM

1) The OPC-DA server can be considered as a general ActiveX object (see Configuration of the DCOM interface for ActiveX), so it is possible to install the OPC-DA server on both server and client sides.
2) However in case of the OPC server, there is another recommended, easier and better procedure. In such case the OPC server is installed only on the server side. On the client side, it is necessary to install OPC core components redistributable package (directly from the OPC Foundation), allowing the connection to any remote OPC server. It is even recommended to install such package also on the server (together with the OPC server) because this package contains the OPCEnum.exe component (available as Windows service or as a regular program), that allows the remote clients to list through the installed OPC servers. The redistributable package can be obtained either from the www.opcfoundation.org Webpages, or from the MICROSYS company Webpages https://www.promotic.eu/PmInstall/OPC_CoreComponentsRedistributable.zip. Caution! The package requires installed .NET version 1.1 and higher (otherwise it cannot be installed). The package contains also the DCOM access for .NET applications.
a) If the OPC core components package is installed also on both client and server sides, then it is possible on client site in the PROMOTIC system to use button in the "OPC server - CLSID/ProgID" configurator to browse through the list of installed OPC servers on the server. The server computer is defined in the "Run on computer" configurator.
b) If the OPC core components package is installed only on the client side, then it is not possible to browse through the list of installe OPC servers on the server, and it is necessary to enter the CLSID of the remote OPC server manually.

The main condition for connecting to the remote OPC server (that is not installed locally) is, that the OPC server link must be defined as CLSID (e.g. {00000001-0000-11d1-8011-00A024CFCA34}), not as ProgID (e.g. "MS.OPCServer.1"). The "OPC server - CLSID/ProgID" configurator of the PmaOpcDaClient object, when selected returns CLSID.
When configuring the DCOM messages on the server (DCOMCNFG.EXE) it is necessary to set the corresponding permissions not only for the OPC server itself, but also for the OPCEnum program from the redistributable package.
The permissions configuration procedure for DCOM for both the client and the server side is, for example, available at http://www.softwaretoolbox.com/dcom/html/dcom_.html.

Configuration of remote access to OPC server by means of DCOM

In order to configure the DCOM it is necessary to have the Windows OS administrator rights. The configuration of both DCOM server and client is similar. On the server, you can also (to OPCEnum) configure the OPC server.

1) Server and client: If the computer of the server and the client is not in the domain, then it is necessary to create the user on the server with the same name and password as the user on the client computer (shared user).


2) Server and client: If the simplified file sharing in Windows OS XP is swithced on, then the "Access denied" error occurs when trying to access the remote OPC server. Therefore it must be turned off.
See Start > Control Panel > Folder properties > View > Detailed settings > Use simplified file sharing.


3) Server and client:
Launch the console Start > Programs > Administrative Tools > Local Security Policy.
In the console go to Local Policies > Security Options
Check the following settings:
- Network access: Let Everyone permissions apply to anonymous users is enabled
- Network access: Sharing and security model for local accounts is set to Classic.


4) Server: Install the OPC-DA server.


5) Server and client: Install the OPC core components package (OPCEnum).


6) Server and client: Launch the DCOMCNFG.EXE configuration tool (located in Windows OS subfolder system32), that represents the DCOM administration console.


7) Server and client: In the console, go to Component Services > Computers > My Computer and display the Properties (by the right mouse button). Here you can manage the configuration of the common parts of COM, DCOM and default values for each COM server.
a) On the "Default properties" tab, check the settings:
- Enable Distributed COM on this computer is enabled
- Default Authentication Level is set to None
- Default Impersonation Level is set to Identify.
b) On the "COM Security" tab check the settings:
- In Access Permissions > Edit Limits for Everyone the Local Access and the Remote Access are both enabled
- In Access Permissions > Edit Default for the common user (same for client and server) the Local Access and Remote Access are both enabled
- In Launch and Activation Permissions > Edit Limits for Everyone the Local Launch, Remote Launch, Local Activation and Remote Activation are all enabled
- In Launch and Activation Permissions > Edit Default for the common user (same for client and server) the Local Launch, Remote Launch, Local Activation and Remote Activation are all enabled


8) Server and client: Configuration of DCOM for the OPCEnum program from the OPC core components package.
In the console go to Component Services > Computers > My Computer > DCOM Config > OPCEnum and display the Properties (by the right mouse button).
a) On the "General" tab check if is set Authentication Level to None.
b) On the "Location" tab check if is set Run application on this computer.
c) On the "Security" tab check if all options are set to the Use Default value. The options are Launch and Activation Permissions, Access Permissions and Configuration Permissions.
d) On the "Identity" tab check the The system account setting. If another component than OPCEnum is selected, that is not a service, (e.g. OPC server), it is also possible to set the login data of specific common user.


9) Server: Configuration of DCOM for the OPC-DA server.
In the console go to Component Services > Computers > My Computer > DCOM Config > OPC server name and display the Properties (by the right mouse button).
Caution! The configuration of the OPC server is similar to the OPCEnum configuration, therefore repeat the steps 8a to 8d.


Caution: Setting of permissions for the PROMOTIC application depends on the location of the PROMOTIC software on the disk. If the PROMOTIC software is moved to another location, then the DCOM stops working (the other functions of the PROMOTIC system may continue to work correctly). If there are multiple PROMOTIC versions on the disk and the user needs to switch between these versions then (from the DCOM configuration point of view) it is recommended to have the active version of the PROMOTIC always in the same folder (e.g. C:\Promotic\PmActive).
PROMOTIC 9.0.27 SCADA system documentation MICROSYS, spol. s r.o.

Send page remarkContact responsible person
Navigation:
 
 
- Configuration of the DCOM interface for OPC-DA server
 
 
- SVG
© MICROSYS, spol. s r.o.