DCOM

This Help File was designed to give the user of component's commmunication through DCOM (specially OPC users) an idea on possible settings in an industrial environment. This Help File just showes possible settings of DCOM security that will make the system running. If the manufacturers or vendors of OPC products provide their own manuals, this manuals should be used instead of this Help File.

Important Notes

Before changing any settings of DCOM security, a system recovery procedure should be prepared. All settings described in this documentation should be tested in a laboratory environment, before changing machines in production.

• Save system partition including Windows Registry (Image Software)
• Only local administrators are allowed to change DCOM settings
• Test all settings in a laboratory environment before changing the production machine

This documentation deals with COM components that should comunicate with each other. There are tree different types of COM -Servers known, depending on their operational environment.

• INPROG- Server
  The COM-Server runs in the memory area of the Client, the Server is a DLL and runs local on the same machine and in the same process.
• LOCAL-Server
  The COM Server runs in it's own memory area, the Server is a EXE and runs local on the same machine, but in it's own process
• REMOTE-Server
  The COM Server runs in it's own memory area, the Server is a EXE and runs remotely on a different machine and (of course) in it's own process as the Client

The communication between Client and Server process followes the rules of COM. Whenever the Client is located on one machine and the Server on an other, DCOM (Distributed COM) comes into place. The function calls between Client and Server process are checked for correct security by the operating system. The security settings for DCOM have NOTHING to do with sharing folders between two machines or network shares across a network. When it comes to DCOM-Security we talk about "inter process communication", in other words: the right to start or access a certain component.

To keep configuration simple it is assumed that two machines have the same operating system installed, are both in the same Workgroup and have the same user accounts (same person/PWD actually logged on). On the Server Machine an OPC Server is located and on the Client Machine an OPC Client was installed.