DCOM issues

This section addresses some DCOM related problems while using OPC servers.

Problem: You have an "Access denied" error on the client machine. The client and server are running on standalone machines (meaning not on the same domain).

Let’s assume that the OPC client is running on machine A, and the OPC server on machine B.

When the OPC client and server are on different computers, you have to give each computer access to the other by giving access permissions. Permission issue is crucial to proper DCOM configurations.

Here the server is running on a standalone machine. So the ONLY user accounts it trusts are those it finds in its own "local" security database. Here is how this can get you into trouble on setting up the OPC client to server connection.

To allow remote client to access the DCOM server, DCOM utility uses Windows Security database. For this reason, you cannot give access to a user account which does not figure in this database.

Possible workarounds

Here are some possible workarounds:

1. Add Machine B into the same domain as Machine A (or in a trusted domain), which is the safest way to set up the communication between the OPC client and the OPC server correctly.

2. Create the EXACT SAME user account name AND password on BOTH machines (for example User1 (login), PWD1 (password)). Once you have that set up, when Machine A calls on Machine B with an OPC request and identifies itself as User1 with PWD1 password, Machine B will look in its database, see the same account name, the same password, and same "come on in request from Machine A". When Machine B goes to return its data from the OPC server to the OPC client on machine A, the OPC server will call Machine A as User1 with a password. Machine A will look in its database, see that it has that account, and accept the call. This workaround should resolve the communication problem between the OPC client and the server.