11/21/2018
Hello,
I am currently porting an OPC Server application from a Win2K(AnonymousLogon) to a WinServer2012 (Login/Pass). The OPC server is a 32 bits application based on LIGHTOPC (C/C++/GNAT).
This OPC Server is accessed by an OPC Client application on a WIN2K(AnonymousLogon). This client cannot be changed in any way (cannot create user, or change DCOM configuration).
Following instructions to configure OPCEnum, DCOM and Computer, I am able to view the OPC server from my client, but not to connect. (Connection fails with error “CoCreateInstance Failed:RPC Server is unavailable”).
Note that the same OPC server will be 100% OK with client if the WIN2K is started with a user/pass matching my OPC server user/Pass.
Could anyone confirm me:
– Is it possible to connect an OPC server x32 started by “User/Pass” on a winS2012 from a “NT AUTHORITY\ANONYMOUS LOGON” on a Win2K?
– If Yes, Do you think the problem may come from Configuration or from LIGHTOPC?
– Do I have to configure x32 (mmc comexp.msc /32) x64 (dcomcnfg) DCOM parameters? (Following instruction would tend to use 32 bits configuration, but it seemsthat the 64 bits configuration is taken into account
Thanks for any help!!
11/21/2018
This is what I have done in “Computer” (DCOMCNFG on server):
– Add Anonymous & Everyoner “COM Security”,
– Set “Connect/Identify” for “Default properties”
In my servers:
– Authentication Level => None
– “Interactive User”
– “Security” => ensure EveryOne & anonymous have all rights
With this configuration :
– I can enumerate servers from W2K
– If I try to connect, I get a “AddGroup : Acces is denied” error from FactorySoft OPC client (Note that This is the only OPC client I found that could run on W2K without KERNEL32 link error)
– Also note that when I try this connection I get a login callback in my server with “NT AUTHORITY\ANONYMOUS LOGON” identifer, meaning that at least a part of the “connection” is done.
I feel that there is no link with the library we use (LIGHTOPC) because:
– The same issue exists when trying with the MATRIKON demo OPC server
– The issue does not exist if the W2K is configured with a USER/PASS identical to my server.
At least, is it possible to have a few help on the difference between “DCOMCNFG” and “mmc comexp.msc /32“. I have a 32 bits server but it seems that the rules used by DCOMCNFG are taken into account?
Thanks in advance
11/21/2018
I finally found what was the issue by looking into Windows Event log.
I thought that the client was trying to connect as “ANONYMOUS LOGON” due to my Server logs, but actually, the login “Administrator” was used (without password).
I simply had to enable administrator without password on my server and ad it to DCOM group, and it is now OK.
But I still have to determine if all parameters are really required (If I can remove anonymous connections and everyone, I’ll do it)
1 Guest(s)