OPC .NET API using NetworkCredential|Classic OPC: DA, A&E, HDA, XML-DA, etc.|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
OPC .NET API using NetworkCredential
Avatar
Daniel Godwin
New Member
Members
Forum Posts: 1
Member Since:
08/06/2017
sp_UserOfflineSmall Offline
1
10/28/2024 - 23:31
sp_Permalink sp_Print sp_EditHistory

Hi,

I’m trying to use the OPC .NET API to connect to a DA server using a configured user identity, by passing in a NetworkCredential to the Opc.Da.Server.Connect() method as below:

private Opc.Da.Server CreateServer(string host, string programId, string domain, string userName, string password)
{
    var discovery = new ServerEnumerator();
    var servers = discovery.GetAvailableServers(Specification.COM_DA_20, host, null);
    var opcServer = (Opc.Da.Server)servers.SingleOrDefault(e => e.Name == GetOpcServerName(host, programId));

    var connectData = domain == null ?
    new ConnectData(new NetworkCredential(userName, password)) :
    new ConnectData(new NetworkCredential(userName, password, domain));

    opcServer?.Connect(connectData);
    return opcServer;
}

I’m using a local account (lets say TestUser), to connect to a local OPC server.  I have locked down the OPC server to this specific account only.

The above code will always return an ACCESS DENIED error (I tried supplying the local machine name as the domain, but this didn’t change anything).

Note that if I run the same client and launch it to run under the TestUser account, then it is able to connect to the OPC server.

So, regardless of setting the NetworkCredential as above, the connection to the OPC server still appears to be being made under the logged-in user identity (i.e. the identity under which the application is running, let’s call it MyUser), as appears to be the case from the DCOM error in the Windows Event log:

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{FFCED1F1-278E-11D5-A2B0-00C04F1BFD1B}
and APPID
{FFCED1F1-278E-11D5-A2B0-00C04F1BFD1B}
to the user MyDomain\MyUser SID (S-1-5-21-3588447096-1463914-869570945-3258911) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Any suggestions on whether I’m going about this in the correct way?

Thanks for your help.

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 23
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1444
Posts: 4887