OPC Remote to an Application Station with a DC role

I'm trying to connect to an OPC Server on an Application Station with a DC role, across a firewall, but when using OPC Watchit I get the error "The RPC server is unavailable". I can RDP to the machine without issue and I have 4 other OPC Clients connected successfully on this side of the firewall. This connection had been working successfully prior to assigning the DC role to the APPs station. Am I missing something that should be obvious? The user credentials are fine and have been confirmed on both the client and server machines, although the functionality of the DC machine prevents me from creating a local username.

5 Replies

  • There may be multiple areas to explore here, but with the understanding you had everything working before and the only change was to add the DC role to the App Station (and provided the client belongs to another domain altogether), then I'd look into your firewall settings as you may need to add new rules targeting the App Station as DC such as DNS, RPC, etc.

    If this is a workgroup to domain communication, then you will need matching local accounts so the system can work satisfactorily. Again, trusting this was working before you added the DC role to the App Station, then I'm assuming everything is OK in this area. Domain accounts in a DC are technically local accounts and you shouldn't be using a local administrator account in this case, so arguably this shouldn't be the root cause of your issue per se.

    Just a couple of thoughts...
  • OPC and DC role don't really mix well - generally.

    When an OPC client connects to the OPC Server it will be connecting using the context of the active user. That user needs to have access to the DCOM infrastructure of the App Station. And here your problem starts - unless the OPC Remote is a member of the domain, it generally can't do this.

    Say the client can be made to connect to the server by bending all the rules; then callback kicks in. Callback security assumes the security context of DeltaV OPC Server - generally DeltaVAdmin. So the server will need to have access to the client to push updates - another challenge for DC role.

    Best practices for DeltaV OPC Server - don't use it on a domain controller unless all machines connecting to it are domain members or a domain trust is established.

  • I believe I had the same issues you are having a while back. There is a document that covers connecting/installing OPC Remote: AP-0500-0023.

    It covers various scenarios.
  • Hi Richard,

    Thank you very much. I appreciate it. I’ll give this a try later on today and let you know how I make out.

    Best Regards,
    Warren Harnett
    Vale NL Ltd

  • 1. Log in to the firewall management interface and see if you are getting hits on the firewall. Verify your Microsoft Firewall settings on the App Station as well.

    2. You may need to change the Domain dropdown menu option in DeltaV User Manager for this user to be your domain name whereas previously you likely had "Unspecified" selected per the Guidance KBA. Have been doing this with customers who are moving the opposite direction you are as IDDC's are added. This has to do with the authentication of the client at the DeltaV level.

    3. I always verify with a 3rd party tool like the portable version of Matrikon OPC Explorer on the local and remote machine.
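
A client-side check for the symptom discussed in this thread (RDP works, OPC reports "The RPC server is unavailable"), added here as an example and not posted by any participant. The port numbers are the standard assignments rather than values from the thread; the host name and the finding labels are hypothetical.

```python
import socket
import sys

# Well-known TCP ports (general knowledge, not values taken from the thread).
PORTS = {"RDP": 3389, "RPC endpoint mapper": 135, "DNS": 53}

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt as open, refused, filtered or error."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"      # handshake completed
    except ConnectionRefusedError:
        return "refused"       # host answered with RST: reachable, nothing listening
    except (socket.timeout, TimeoutError):
        return "filtered"      # no answer: dropped by a firewall on the path or on the host
    except OSError:
        return "error"         # name resolution failure, no route, and similar

def diagnose(results):
    """Turn per-port states into a finding label (labels are hypothetical)."""
    rdp = results.get("RDP")
    rpc = results.get("RPC endpoint mapper")
    if rpc == "open":
        # Port 135 answers, so the failure lies past it: DCOM continues on
        # dynamically assigned ports and then authenticates the caller.
        return "rpc-reachable"
    if rpc == "filtered" and rdp == "open":
        # Same host, one port passes and one is dropped: a rule gap, so look
        # for denied hits in the firewall log and at the host firewall.
        return "rpc-blocked"
    if rpc == "refused":
        return "rpc-refused"
    return "inconclusive"

if __name__ == "__main__":
    # "appstation.example" is a placeholder; pass the real host as an argument.
    host = sys.argv[1] if len(sys.argv) > 1 else "appstation.example"
    results = {name: probe(host, port) for name, port in PORTS.items()}
    for name, state in results.items():
        print(f"{name:20} tcp/{PORTS[name]:<5} {state}")
    print("finding:", diagnose(results))
```

Run it from the OPC client machine. A finding of `rpc-reachable` points away from the port 135 rule and toward the DCOM dynamic port range or the authentication issues raised in the replies.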