Using CitectSCADA > Using OPC Server DA2.0 > Configuring Remote Access to the OPC Server > Windows Vista and Windows XP SP2
Windows Vista and Windows XP SP2

This section describes how to configure the OPC Server on Windows Vista and Windows XP Service Pack 2.

Note: After configuring your OPC Server, you need to restart the server so that your settings can take effect.

To configure the OPC Server:

  1. In Windows Control Panel, double-click Security Center, and then click Windows Firewall.
  2. Select the Exceptions tab, and then click Add Program.
  3. Locate the OPC Servers and clients you want to add as exceptions. You need to add the Microsoft Management Console (used by the DCOM configuration utility, below) and the OPC utility OPCEnum.exe in the Windows/System32 folder.
  4. You might have to Browse for other executables installed on the computer to add them as exceptions. Please be aware that only .exe files are added to the exceptions list. For in-process OPC Servers and clients (DLLs and OCXs) you need to add the .exe applications that call them to the list instead.

  5. Click OK to save your exceptions.
  6. You need to now add TCP port 135 to initiate DCOM communications and allow incoming echo requests.

  7. From the Windows Firewall Exceptions tab, click Add Port.
  8. In the Name text box type DCOM.
  9. In the Port number text box type 135 and select the TCP option.
  10. Click OK to save your changes.
  11. You have now defined your exceptions, so you can restart your firewall.

    You are now ready to configure DCOM for your launch, activation, and access permissions.

  12. Choose Start | Run. Type dcomcnfg and click OK.
  13. The Component Services dialog will appear.

  14. In the tree pane, locate and select Computers under Component Services.
  15. Right-click My Computer in the pane on the right, and choose Properties from the context menu.
  16. Select the Default Properties tab. Make sure the settings are adjusted as follows:
Property
Setting

Enable Distributed COM on this computer

selected

Enable COM Internet Services on this computer

not selected

Default Distributed COM Communication Properties

Default Authentication Level

Connect

Default Impersonation Level

Identify

Provide additional security for reference tracking

not selected

  1. Click Apply to save your changes.

    Note: For some OPC servers, setting the Default Authentication Level to "Connect" does not work. If this is the case, try setting this property to "None".

  2. You need to then edit the access permissions. Select the COM Security tab, and click Edit Limits in the Access Permissions section.
  3. Use the Access Permission dialog to select Anonymous Logon, and then check Allow for the Remote Access option.
  4. This is needed for OPCEnum.exe to function correctly, and for any OPC Servers and clients that set their DCOM authentication level to None in order to allow anonymous connections. If you don't use OPCEnum.exe, you might not need to enable remote access for anonymous users.

  5. Click Apply to save your changes.
  6. You need to then edit the launch and activation permissions.

  7. Select Edit Limits in the Launch and Activation Permissions section of the Default COM Security tab.
  8. In the Group or user names list, select Everyone then select every check box in the Allow column.

  9. Click OK to save your changes.
  10. Finally, you're ready to edit the default permissions for Access and Launch for each user (or group) that participates in OPC communication (for example, "OPC Users").

  11. In the Access Permissions section of the COM Security tab, click Edit Default. Select the necessary users/groups and allow Local Access and Remote Access. Click OK to save your changes.
  12. In the Launch and Activation Permissions section of the COM Security tab, click Edit Default. Select the necessary users/groups and allow Local Access and Remote Access. Click OK to save your changes.

You have now configured your OPC Server.

Note: You need to restart this machine so that your settings can take effect.

You are now ready to configure your OPC Client.