OPC server on siemens and opc client on 800XA system
dear stefan
i am commissioning engineer from siemens ,right now we are trying to connect our server to 800xa client ,i am in workgroup and abb in domain ,using matrikon explorer from ABB pc can see tags but when using the ABB client it can't browse ,any idea will be appreciated
Answers
Hmm... DCOM is complex, especially if you want to supply a "safe" configuration with as few security issues as possible. A tunneller software remove a lot of those worries.
Try reading the document attached to this answer.
The document actually covers the opposite scenario (when 3rd party act as client and 800xA as server) but the theories are still the same:
- DCOM connect account vs account used to launch the server.
- Up to flyr (4) accounts may be required.
- The server need to be able to send callbacks to client to allow asynchronous methods
I can not explain why Matrikon Explorer works; maybe because it automatically setup DCOM configuration allowing "everyone" to call back to it?
Everyone is not a good security measure; its better if the server and client uses dedicated user accounts instead of trusting Everyone.
When 800xA is to act as client to a foreign server, the OPC DA Connector service acts as OPC DA client. The Remote Node field in the service provider configuration should contain the server node or its IP-address.
The 800xA OPC DA Connector run as a service in the background, and from the "800xA ServiceAccount" - this account must be able to launch the server.
For success, the OPC server user account must have DCOM permission to post callbacks to the AdvDsOpcConnector.exe process. This setting need to be done on the 800xA side.
I highly recommend the OPC Security Analyzer tool here ...
http://www.advosol.com/p-22-opc-secur...
Its a free download, and invaluable for solving DCOM problems.
Hi,
I have come across the same scenario 800xA OPC Client in Domain and Toshiba OPC Server in Workgroup, it worked and commissioned few days back. Only thing, the user accounts and DCOM settings to match on bothe the sides. And in 800xA OPC Client machine, though have a Domain user account, you need to create a Local user account with same User name and password as same in OPC Server Machine. Hope this will help you.
Add new comment