How to restrict access on OPC DA Surrogate connection
Is there a way to restrict the access on the OPC DA surrogate variables with ABB System 800xA? When you give another system access through DCOM with the OPC DA Surrogate service then by default all of the OPC variables are accessible for that system. Does anyone know how I can give the other system restricted access to only a few variables?
Voted best answer
Simple Answer ... No
More Complicated Answer ...
DCOM provides security at the windows level. Its also rather broken because its very old and it's no longer supported by microsoft. Typically in order to get DCOM to work at all, most users just open up everything. In any case DCOM only limits access to the OPC Server. It is not DCOM's function to provide any further security.
In order to limit access to items inside the OPC server, you need to use the security functions of 800xA. When your external client connects to the 800xA surrogate OPC server, it does so as an 800xA user and has exactly the same access rights as that user would have if they logged on and opened a workplace.
If you want to limit access to items in the 800xA OPC surrogate server, start your 3rd Party clients with a user that has limited access to the 800xA system.
But thats going to be so much trouble, its probably not worth the effort.