1. Operating System users
1. Create a user with administrator permissions on the OPC server and set the password. You must set the password. It cannot be blank, for example, Username: opcclientuser password: 123
2. Use the administrator user on the opcclient server to create a user with the same administrator permissions and set the same password. The password must be set. It cannot be blank, for example, Username: opcclientuser password: 123, log in with the opcclientuser.
II,Firewall settings (both the OPC server and the client need to be set)
1. Disable the firewall that comes with windows.
2. If you do not disable the Windows Firewall, You need to configure the Allow client on the Windows Firewall management interface.ProgramAccess permission and open OPC communication port 135. The procedure is as follows:
1)
2)
3)
4)
5)
III,DCOM configuration (both OPC server and opcclient server must be set)
1. Start-> Run-> input: dcomcnfg
Go to the DCOM general default properties page and tick "enable Distributed COM on this computer" to change the default identity level to "NONE ". As shown in the following figure:
2. Open Properties> switch to the "Security" property page and edit the following four options respectively.
3. Add everyone, administratro, and anonymous users to the preceding four options, and check all the permission options. [Note: There are three users. If one user is missing, the server may not be found]
Set DTC
Under the "MSDTC" tab, click "Security Configuration" and follow the configuration
4. Go back to the "component service" interface on the OPC server, open DCOM configuration, find the name option of the registered OPC server, and open its properties.
Set Encryption
Set location
Enable interactive user
(Note: Sometimes, After configuring DCOM, You need to restart the computer. For security reasons, it is recommended that you restart your computer and perform the next step ).
Iv. Local Security Policy Configuration
1. Set the OPC server and opcclient server: Enable "Control Panel", "Administrative Tools", and enable "Local Security Policy"
2. à security option-> "Network Access: sharing and security mode of Local Accounts"-> Properties
3. Select "classic-Local User Authentication"
Note that you cannot forget this step. Otherwise, the "Access Denied" error will be reported when you connect to the OPC server!
5. other settings
1. Disable other operating firewalls and anti-virus software.. (Anti-virus software must be disabled)
1. On a machine with an OPC server. DCOM configuration is as follows
1. Run the dcomcnfg program on the server to configure DCOM.
2. Go to the general default properties page of DCOM, tick "enable Distributed COM on this computer", and change the default identity level to "NONE ".
3. go to the general default security mechanism page of DCOM, and confirm that the default access permission and the default start permission do not have everyone.
if you do not remove everyone, the application server cannot be started normally.
4. On the general page, double-click your application server to open the DCOM attribute settings of your application server.
5. Change the authentication level on the regular page to "NONE ".
6. Select "run application on this computer" on the location page ".
7. Select "use custom Access Permissions" in the Security page settings, edit each permission, and add everyone to the user list.
8. Select "Interactive User" on the identity page ".
note that nt Guest users cannot be disabled.
2. Configure DCOM on the client:
1. Click "start"-> "run", enter "dcomcnfg", and press Enter, enable DCOM configuration.
2. On the general page, double-click your application server to open the DCOM attribute settings of your application server.
3. Change the authentication level on the regular page to "NONE ".
4. On the identity page, select "Interactive User ".
5. Select "run application on this computer" on the location page ".
go to the DCOM general default properties page, and tick "enable Distributed COM on this computer" to change the default identity level to "NONE ".
after both ends are configured, the client machine can access the remote machine's opcserver.