Professional OPC
Development Tools

logos

Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

DCOM raise activation authentication level

More
16 Oct 2021 15:34 #10264 by ToSi
Hello,

The key was actually not present. I added it and set its value to 0x00000001 (1). Just to make sure, we are only talking about the client side?


Best Regards.
Attachments:

Please Log in or Create an account to join the conversation.

More
16 Oct 2021 13:09 #10263 by support
Hello,
for start, can you please use REGEDIT and check whether you have the following registry key present, and if so, what is its value?

Path : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat
Value Name: "RequireIntegrityActivationAuthenticationLevel"

(the reason I am asking is this: support.microsoft.com/en-us/topic/kb5004442-manage-changes-f...52-c141-43d2-941e-37ed901c769c ).

Best regards

Please Log in or Create an account to join the conversation.

More
14 Oct 2021 08:04 #10262 by ToSi
Hello OPC Labs,

I have a problem with connecting my OPC-Client (and others like Matrikon OPC Explorer) to a remote server. The server I am trying to connect to is a Siemens WinCC. I already managed to browse the server list and I can even "connect" to the server with the Matrikon client. But as soon as I try to browse items, it fails (both clients). From QuickOPC I get the message "Access Denied" which usually comes from incorrect DCOM settings. To clarify the settings I list them below:
  • server default authentication level: Connect
  • server default impersonation level: identify
  • WinCC authentication level: Standard (also tested Connect)
  • WinCC identity: interactive user
  • The user on client and server share the same name and password
  • The user has full permissions for the WinCC and for system (dcomcnfg limits and standard)
  • Firewall-Port 135 is open on the server and client


The last two days I tried solving the problem with reading documentations and forums. When I tested with the Matrikon OPC Explorer I got the following Error:
Application ...\Matrikon\OPC\Explorer\OPCExplorer.exe with PID      b0c is requesting to activate CLSID {75D00BBB-D...} on computer [...] with default activation authentication level at 2. The lowest activation authentication level required by DCOM is 5(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY). To raise the activation authentication level, please contact the application vendor.

This made me think about, what if the WinCC-Server itself requires RPC_C_AUTHN_LEVEL_PKT_INTEGRITY (5) as authentication level and ignores the system settings? I am no professional when it comes to DCOM so I don't know if this is even possible. I then searched the forums and got to the following topic: DCOM permissions and UseCustomSecurity, TurnOffActivationSecurity, and TurnOffCallSecurity . This leads me to think, that the maximum authentication level in QuickOPC is 2 (Connect). This would explain why I can't browse the server.
Now is there a way to raise the authentication level or am I stepping on the wrong path here and that is not the problem? And to mention, I tried a few combinations of UseCustomSecurity, TurnOffActivationSecurity, TurnOffCallSecurity but had no success.

Please advise me on how I can solve the problem. If any additional information is required, feel free to ask.

Best Regards
ToSi

Please Log in or Create an account to join the conversation.

Moderators: support
Time to create page: 0.106 seconds