Connection issue WIN2K/Anonymous on WinServer2012|Classic OPC: DA, A&E, HDA, XML-DA, etc.|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Connection issue WIN2K/Anonymous on WinServer2012
Avatar
Jeremie Chabod
Member
Members
Forum Posts: 3
Member Since:
11/21/2018
sp_UserOfflineSmall Offline
1
11/21/2018 - 06:55
sp_Permalink sp_Print sp_EditHistory

Hello,

I am currently porting an OPC Server application from a Win2K(AnonymousLogon) to a WinServer2012 (Login/Pass). The OPC server is a 32 bits application based on LIGHTOPC (C/C++/GNAT).
This OPC Server is accessed by an OPC Client application on a WIN2K(AnonymousLogon). This client cannot be changed in any way (cannot create user, or change DCOM configuration).

Following instructions to configure OPCEnum, DCOM and Computer, I am able to view the OPC server from my client, but not to connect. (Connection fails with error “CoCreateInstance Failed:RPC Server is unavailable”).

Note that the same OPC server will be 100% OK with client if the WIN2K is started with a user/pass matching my OPC server user/Pass.

Could anyone confirm me:
– Is it possible to connect an OPC server x32 started by “User/Pass” on a winS2012 from a “NT AUTHORITY\ANONYMOUS LOGON” on a Win2K?
– If Yes, Do you think the problem may come from Configuration or from LIGHTOPC?
– Do I have to configure x32 (mmc comexp.msc /32) x64 (dcomcnfg) DCOM parameters? (Following instruction would tend to use 32 bits configuration, but it seemsthat the 64 bits configuration is taken into account

Thanks for any help!!

Avatar
Randy Armstrong
Admin
Forum Posts: 1579
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
11/22/2018 - 07:19
sp_Permalink sp_Print

Using anonymous will often create problems with newer OSes.

You may have to go into DCOM config and explicitly allow anonymous logins on the server.

But even then the very old client OS could still have issues.

Avatar
Jeremie Chabod
Member
Members
Forum Posts: 3
Member Since:
11/21/2018
sp_UserOfflineSmall Offline
3
11/26/2018 - 07:24
sp_Permalink sp_Print

This is what I have done in “Computer” (DCOMCNFG on server):
– Add Anonymous & Everyoner “COM Security”,
– Set “Connect/Identify” for “Default properties”

In my servers:
– Authentication Level => None
– “Interactive User”
– “Security” => ensure EveryOne & anonymous have all rights

With this configuration :
– I can enumerate servers from W2K
– If I try to connect, I get a “AddGroup : Acces is denied” error from FactorySoft OPC client (Note that This is the only OPC client I found that could run on W2K without KERNEL32 link error)
– Also note that when I try this connection I get a login callback in my server with “NT AUTHORITY\ANONYMOUS LOGON” identifer, meaning that at least a part of the “connection” is done.

I feel that there is no link with the library we use (LIGHTOPC) because:
– The same issue exists when trying with the MATRIKON demo OPC server
– The issue does not exist if the W2K is configured with a USER/PASS identical to my server.

At least, is it possible to have a few help on the difference between “DCOMCNFG” and “mmc comexp.msc /32“. I have a 32 bits server but it seems that the rules used by DCOMCNFG are taken into account?

Thanks in advance

Avatar
Jeremie Chabod
Member
Members
Forum Posts: 3
Member Since:
11/21/2018
sp_UserOfflineSmall Offline
4
11/27/2018 - 09:32
sp_Permalink sp_Print

I finally found what was the issue by looking into Windows Event log.

I thought that the client was trying to connect as “ANONYMOUS LOGON” due to my Server logs, but actually, the login “Administrator” was used (without password).

I simply had to enable administrator without password on my server and ad it to DCOM group, and it is now OK.

But I still have to determine if all parameters are really required (If I can remove anonymous connections and everyone, I’ll do it)

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 37
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1445
Posts: 4888