Step 1 - Configuring Default DCOM Security Options

The following screen is opened by:

• Right-clicking on the "My Computer" node in the "Component Services" screen.
• Choosing "Properties" from the menu.
• Then click the "Default Properties" Tab.
  
• The options available in this screen should be configured as:
• The Enable Distributed COM on this computer MUST be checked.
• The Default Authentication Level should be set to None.
• The Default Impersonation Level should be set to Identity
• The next step is to click on the "COM Security" tab, which is shown below:
• As of XP SP2 there are four buttons in this screen. You MUST configure all four buttons.
• Click on the "Edit Default" button within the "Access Permissions " area and make sure that the following accounts exist with the "Allow Access" permissions:
• Everyone
• Interactive
• System
• Network
• IWAM_<computer-name> *
• IUSR_<computer-name> *
• Guests
• Anonymous
• Once that is complete, do the same with the "Edit Default" button in the " Launch Permissions" section and give the right "Allow Launch" to the same accounts as mentioned in the bullet-points above.
• Make the same settings under both "Edit Limits" buttons. If you do not set up these limits your DCOM will be limited based on these settings.
• Now click the OK button to save and close the window.

* If you plan to use IIS (Internet Information Services) as an OPC Client, then its login context should be added to the list of trusted accounts as shown above.

Next > Configuring OPCENUM