When OPC DA communication test can not always be avoided to configure DCOM, I am used to these communications testing software are installed in a virtual machine, each installation will need to manually re-configure, feeling very troublesome
therefore, to find information, understand that you can use dcomperm the software for the command line dcom configuration, it took some time to study, to KepServer6.4 for example, write a configuration script left in this record, to facilitate subsequent reference
At the command line to run dcomperm, get help in the following figure:
I use the following configuration script, copy and paste into Notepad, save it as bat file with administrator privileges executed, the result will be recorded in the DCOMConfig.log log file.
set CCDIR=%~dp0
SET logfile="%CCDIR%\DCOMConfig.log"
@echo
%~d0 > %logfile%
echo 配置启动 >>%logfile%
echo DCOM访问权限限制 >>%logfile%
dcomperm -ma set Administrators permit level:r,l >>%logfile%
dcomperm -ma set Administrator permit level:r,l >>%logfile%
dcomperm -ma set "Authenticated Users" permit level:r,l >>%logfile%
dcomperm -ma set "Anonymous Logon" permit level:r,l >>%logfile%
dcomperm -ma set Everyone permit level:r,l >>%logfile%
dcomperm -ma set Interactive permit level:r,l >>%logfile%
dcomperm -ma set Network permit level:r,l >>%logfile%
dcomperm -ma set System permit level:r,l >>%logfile%
dcomperm -ma set Guests permit level:r,l >>%logfile%
echo DCOM访问权限默认值 >>%logfile%
dcomperm -da set Administrators permit level:r,l >>%logfile%
dcomperm -da set Administrator permit level:r,l >>%logfile%
dcomperm -da set "Authenticated Users" permit level:r,l >>%logfile%
dcomperm -da set "Anonymous Logon" permit level:r,l >>%logfile%
dcomperm -da set Everyone permit level:r,l >>%logfile%
dcomperm -da set Interactive permit level:r,l >>%logfile%
dcomperm -da set Network permit level:r,l >>%logfile%
dcomperm -da set System permit level:r,l >>%logfile%
dcomperm -da set Guests permit level:r,l >>%logfile%
echo DCOM启动权限限制 >>%logfile%
dcomperm -ml set Administrators permit level:rl,ll,la,ra >>%logfile%
dcomperm -ml set Administrator permit level:rl,ll,la,ra >>%logfile%
dcomperm -ml set "Authenticated Users" permit level:r,l >>%logfile%
dcomperm -ml set "Anonymous Logon" permit level:rl,ll,la,ra >>%logfile%
dcomperm -ml set Everyone permit level:rl,ll,la,ra >>%logfile%
dcomperm -ml set Interactive permit level:rl,ll,la,ra >>%logfile%
dcomperm -ml set Network permit level:rl,ll,la,ra >>%logfile%
dcomperm -ml set System permit level:rl,ll,la,ra >>%logfile%
dcomperm -ml set Guests permit level:rl,ll,la,ra >>%logfile%
echo DCOM启动权限默认值 >>%logfile%
dcomperm -dl set Administrators permit level:rl,ll,la,ra >>%logfile%
dcomperm -dl set Administrator permit level:rl,ll,la,ra >>%logfile%
dcomperm -dl set "Authenticated Users" permit level:r,l >>%logfile%
dcomperm -dl set "Anonymous Logon" permit level:rl,ll,la,ra >>%logfile%
dcomperm -dl set Everyone permit level:rl,ll,la,ra >>%logfile%
dcomperm -dl set Interactive permit level:rl,ll,la,ra >>%logfile%
dcomperm -dl set Network permit level:rl,ll,la,ra >>%logfile%
dcomperm -dl set System permit level:rl,ll,la,ra >>%logfile%
dcomperm -dl set Guests permit level:rl,ll,la,ra >>%logfile%
echo opcenum启动激活访问权限等设置 >>%logfile%
dcomperm -runas {13486D44-4821-11D2-A494-3CB306C10000} "Interactive User" >>%logfile%
dcomperm -al {13486D44-4821-11D2-A494-3CB306C10000} Default >>%logfile%
dcomperm -aa {13486D44-4821-11D2-A494-3CB306C10000} Default >>%logfile%
echo KEPServerEX 6.4启动激活访问权限等设置(注意:如果用的不是kep6.4,就在DCOM配置里找到配置的OPC服务信息更新过来) >>%logfile%
dcomperm -runas {7BC0CC8E-482C-47CA-ABDC-0FE7F9C6E729} "Interactive User" >>%logfile%
dcomperm -al {7BC0CC8E-482C-47CA-ABDC-0FE7F9C6E729} Default >>%logfile%
dcomperm -aa {7BC0CC8E-482C-47CA-ABDC-0FE7F9C6E729} Default >>%logfile%
sc config EventSystem start= auto >>%logfile%
net start EventSystem >>%logfile%
sc config COMSysApp start= auto >>%logfile%
net start COMSysApp >>%logfile%
sc config DcomLaunch start= auto >>%logfile%
net start DcomLaunch >>%logfile%
sc config TrkWks start= auto >>%logfile%
net start TrkWks >>%logfile%
sc config MSDTC start= auto >>%logfile%
net start MSDTC >>%logfile%
sc config RpcSs start= auto >>%logfile%
net start RpcSs >>%logfile%
sc config RpcLocator start= auto >>%logfile%
net start RpcLocator >>%logfile%
sc config RemoteAccess start= auto >>%logfile%
net start RemoteAccess >>%logfile%
sc config SamSs start= auto >>%logfile%
net start SamSs >>%logfile%
echo 生成其他 DCOM相关注册表文件 >>%logfile%
echo Windows Registry Editor Version 5.00 > DCOM.reg
echo. >> DCOM.reg
echo ;设置[组件服务]-[计算机]-[我的电脑]-[连接属性]默认身份验证级别为[连接]-默认模拟级别为[标识] >> DCOM.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] >> DCOM.reg
echo "EnableDCOM"="Y" >> DCOM.reg
echo "LegacyAuthenticationLevel"=dword:00000002 >> DCOM.reg
echo "LegacyImpersonationLevel"=dword:00000002 >> DCOM.reg
echo. >> DCOM.reg
echo ;设置[组件服务]-[计算机]-[我的电脑]-[DCOM配置]-[opcEnum]-身份验证级别为[连接]-终结点为[面向连接的TCP/IP]-属性为[使用默认终结点] >> DCOM.reg
echo [HKEY_CLASSES_ROOT\AppID\{13486D44-4821-11D2-A494-3CB306C10000}] >> DCOM.reg
echo @="OpcEnum" >> DCOM.reg
echo "AuthenticationLevel"=dword:00000002 >> DCOM.reg
echo "EndPoints"=hex(7):6e,00,63,00,61,00,63,00,6e,00,5f,00,69,00,70,00,5f,00,74,00,\ >> DCOM.reg
echo 63,00,70,00,2c,00,30,00,2c,00,00,00,00,00 >> DCOM.reg
echo. >> DCOM.reg
echo ;设置[本地安全和组策略]-[本地策略]-[安全选项]-[网络访问]本地账户的共享安全模型-[经典-对本地用户进行身份验证,不改变其本来身份] >> DCOM.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa] >> DCOM.reg
echo "forceguest"=dword:00000000 >> DCOM.reg
echo. >> DCOM.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] >> DCOM.reg
echo "forceguest"=dword:00000000 >> DCOM.reg
echo ;设置[本地安全和组策略]-[本地策略]-[安全选项]-[网络安全:LAN管理器身份验证级别] >> DCOM.reg
echo ;"LmCompatibilityLevel"=dword:00000001 >> DCOM.reg
echo 导入 DCOM相关注册表 >>%logfile%
regedit /s DCOM.reg
del DCOM.reg
echo 配置完成 >>%logfile%
dcomperm software to download information I use the following figure:
Again, I want to run with administrator privileges ...