OPC DA Server DCOM Settings
- Last Updated: Jul 13, 2023
To manage user access to an OPC DA Server, it is recommended that you create a Windows user group with appropriate DCOM settings on the host server rather than dealing with Windows user identities individually. You can then just add users to this group as required.
See the Windows documentation for information on how to create a user group. Once the required user group has been created, you need to configure the required DCOM settings.
Note: These settings do not apply to an OPC AE Server. Plant SCADA's OPC AE Server does not support DCOM.
To configure the machine-wide user group DCOM settings
- Launch the Windows Component Services manager. To do this, go to Control Panel, open Administrative Tools and then Component Services.
- Expand the Component Services folder, and the Computers folder.
- Right click on the My Computer folder, and select Properties.
- Go to the COM Security tab.
- In the Access Permissions section, click on the Edit Limits button. Make the following adjustments:
  - add the OPC DA Server users group you have created
  - allow both Local Access and Remote Access for the users group
  - click OK
- In the Access Permissions section, now click on the Edit Default... button. Make the following adjustments:
  - add the OPC DA Server users group you have created
  - allow both Local Access and Remote Access for the users group
  - click OK
- In the Launch and Activation Permissions section, click on the Edit Limits button. Make the following adjustments:
  - add the OPC DA Server users group you have created
  - allow Local Launch, Remote Launch, Local Activation and Remote Activation for the users group
  - click OK
- You can now exit the Properties dialog.
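To confirm that the machine-wide settings above were applied, the following PowerShell script reads the corresponding ACLs from the registry and reports any right the group is missing. It is an added example, not part of the original page or of Plant SCADA; the group name `OPC DA Users` is a hypothetical placeholder for the group you created, and the script only inspects entries that name the group directly (rights inherited through other groups are not evaluated).

```powershell
# Added example: audits the machine-wide DCOM ACLs set on the COM Security tab.
# 'OPC DA Users' is a hypothetical group name; substitute the group you created.
param([string]$GroupName = 'OPC DA Users')

# COM access-right bits (COM_RIGHTS_* constants in the Windows SDK)
$Rights = [ordered]@{
    LocalAccessOrLaunch  = 0x02   # COM_RIGHTS_EXECUTE_LOCAL
    RemoteAccessOrLaunch = 0x04   # COM_RIGHTS_EXECUTE_REMOTE
    LocalActivation      = 0x08   # COM_RIGHTS_ACTIVATE_LOCAL
    RemoteActivation     = 0x10   # COM_RIGHTS_ACTIVATE_REMOTE
}

# Registry value under HKLM\SOFTWARE\Microsoft\Ole -> bits the procedure grants
$Checks = [ordered]@{
    MachineAccessRestriction = 0x06   # Access Permissions > Edit Limits
    DefaultAccessPermission  = 0x06   # Access Permissions > Edit Default
    MachineLaunchRestriction = 0x1E   # Launch and Activation > Edit Limits
}

$sid = (New-Object System.Security.Principal.NTAccount($GroupName)).Translate(
        [System.Security.Principal.SecurityIdentifier])
$ole = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Ole'

foreach ($name in $Checks.Keys) {
    $bytes = $ole.$name
    if ($null -eq $bytes) {
        # Value absent: this ACL was never customised, so Windows defaults apply
        [pscustomobject]@{ Setting = $name; Status = 'NOT SET'; Missing = 'n/a' }
        continue
    }
    # Each value is a self-relative security descriptor stored as REG_BINARY
    $sd = [System.Security.AccessControl.RawSecurityDescriptor]::new($bytes, 0)
    $allowed = 0; $denied = 0
    foreach ($ace in $sd.DiscretionaryAcl) {
        if ($ace.SecurityIdentifier.Value -ne $sid.Value) { continue }
        if ($ace.AceType -eq 'AccessAllowed') { $allowed = $allowed -bor $ace.AccessMask }
        if ($ace.AceType -eq 'AccessDenied')  { $denied  = $denied  -bor $ace.AccessMask }
    }
    $effective = $allowed -band (-bnot $denied)   # a deny entry overrides an allow
    $missing = $Rights.GetEnumerator() |
        Where-Object { ($Checks[$name] -band $_.Value) -and -not ($effective -band $_.Value) } |
        ForEach-Object { $_.Key }
    [pscustomobject]@{
        Setting = $name
        Status  = if ($missing) { 'INCOMPLETE' } else { 'OK' }
        Missing = ($missing -join ', ')
    }
}
```

Run it on the OPC DA Server host; each of the three settings should report `OK` once the procedure has been completed.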
To configure the OPC DA Server specific settings
- Launch the Windows Component Services manager. To do this, go to Control Panel, then System and Security, Administrative Tools and then Component Services.
- Expand the Component Services folder, the Computers folder, the My Computer folder, and the DCOM Config folder.
- Locate the "AVEVA SCADA OPC DA Server" component and select Properties.
- Go to the Security tab.
- In the Launch and Activation Permissions section, select Customize and click on the Edit button. Make the following adjustments:
  - add the OPC DA Server users group you have created
  - allow Local Launch, Remote Launch, Local Activation and Remote Activation for the users group
  - click OK
- Go to the Identity tab. This is where you define which user accounts can run the OPC DA Server. The setting you choose will have the following implications:
  - The interactive user is the default option. This means the OPC DA Server will run using the security context of the Windows user currently logged in to the local computer. If there is no active Windows user logged in, or if the current user identity doesn't have the launching and activation permissions for the OPC DA Server, a connection will be unsuccessful.
  - The launching user - Each login session invisibly spawns multiple instances of the Runtime Manager, the OPC DA Server and the client if multiple users connect at the same time. This setting is considered a resource consuming option.
  - This user allows you to identify a specific user. A connection will not be successful if there is already an instance of the Runtime Manager running under the active Windows session. Similarly, launching the Runtime Manager using a local Windows login will be unsuccessful if an instance of the Runtime Manager has already been launched by a DCOM connection. However, this option does avoid the situation where multiple instances of the Runtime Manager and the OPC DA Server are launched.
- Once you have selected an option, you can exit the Properties dialog.
To configure the connectivity environment settings
The way you configure a server's connectivity settings depends on whether it is on a domain or part of a workgroup. The following points describe how you should set up different client/server combinations.
- If the server is on a domain and the client is on a domain:
  On the server computer, add the domain login identity that the client uses to the OPC DCOM users group you have created.
- If the server is on a domain and the client is part of a workgroup:
  Create a matching Windows login identity on the server with the same password as the Windows login identity on the client machine. Add this Windows login identity to the OPC DCOM users group you have created.
- If the server is part of a workgroup and the client is on a domain:
  Create a matching Windows login identity on the server with the same password as the domain login identity on the client machine. Add this Windows logon identity to the OPC DCOM users group you have created.
- If the server is part of the same workgroup as the client:
  Create a matching Windows login identity on the server with the same password as the Windows login identity on the client machine. Add this Windows login identity to the OPC DCOM users group you have created.
Note: The registry entry for the OPC Client application needs to be configured to accept callbacks. An indication that this has not been done as required is that all synchronous OPC DA APIs work as expected but data updates and other asynchronous operations never complete.
Note: If you intend to run your OPC DA server as a service, you will also need to specify the user account under which the service will operate. For more information, see Run an OPC DA Server as a Service.