Providing DCOM Permissions on the OPC DA server for Canary
By Laura-Lee Strydom
Customer Success Engineer

Providing DCOM Permissions on the OPC DA server for Canary

This guide contains all the information required to providing DCOM Permissions on the OPC DA server.

1. Introduction

Canary can be connected to an OPC DA server to collect data. In some cases, there might be an attempt to use DCOM where Canary does not have the proper permissions to do so. This technical note describes the principal points to follow for a successful OPC DA connection via DCOM.

Canary is a single historian solution which is a performant time-series database. It consists of three components, Data Collection, Data Storage and Data Analytics. The component that will be utilized in this document is the Data Collection component, where it will be shown how to connect to an OPC DA server via DCOM for data collection.

OPC DA stands for Open Platform Communications Data Access, which is a standard that communicates real-time data from PLCs to display devices such as SCADA, HMI and MES systems.

DCOM stands for Distributed Component Object Model, which is a proprietary Microsoft technology used for communication between software components on networked computers or servers.

To set up the connection between the Canary Historian server and the OPC DA server, it is expected that you have the Canary Admin application, Canary Logger Administrator and OPC Server installed and running on your computer. If the OPC DA server is remote, access to it will be needed.

There are three main steps that you will need to follow to connect to the OPC DA server via DCOM in the Canary Service:

  1. OPC DA data collection configuration
  2. Creating logging sessions and logging data
  3. Providing DCOM permissions on the OPC DA server

These steps are described in greater detail in the following sections.

2. OPC DA data collection configuration

The OPC DA data logger should be configured in the Canary Admin application first, and then the data should be logged in the Logger Administrator application.

  1. Open the ‘Logger’ panel

2. There will be only 2 options in the Logger window; ‘Run As’ and ‘Arguments’. ‘Run As’ is a drop-down list of choices on how to run the processes:

2.1 Service – It registers the CLILogger.exe as a service that is set to automatic and starts it. If any arguments are passed in while this option is chosen, it will be executed on startup.
2.2 Interactive User – The CLILogger.exe will run and the credentials of the currently logged in user will be used. If any arguments are passed in while this option is chosen, it will be added to a shortcut for the CLIHistStart.exe and placed in the Startup folder to be executed at logon.

3. Arguments are the command line parameters that will be executed by the above-mentioned service or interactive user.

3. Creating logging sessions and logging data

The Canary Logger Administrator tool can read data from an OPC DA server and send that data to the Sender Service, which will in turn send it to the Receiver Service and historize the data in the Canary Historian.

If the OPC DA server is remote, the process will work the same. The only difference is that you will install the Canary Sender Service on the same machine the OPC DA server is running on and launch the Canary Logger Administrator tool from there.

From this machine, launch the Canary Logger Administrator tool (it gets installed automatically when you install any Canary Service on a machine). Your PC name will be displayed in the place of the black blocks:

Before creating a new logging session, make sure you created a new Dataset in the Historian tile which you can use to log this data to.

Now let’s create a new logging session:

  1. You can adjust the value in the ‘Minimum available memory’ field to adjust the memory threshold. Logging sessions automatically cache data to your local memory.
  2. Click on ‘File’ and select ‘New Log Session’

3. A new tab named ‘Untitled’ will appear. Rename your logging session in the ‘Name’ field, and the tab name will change accordingly.

4. In the ‘Historian Computer’ field, enter the machine name or IP address of the Canary Historian you are using. If you want to log data to more than one historian machines, separate the names with commas. If the OPC DA server and Historian is on the same machine, you can just use localhost.

5. The option to ‘Create a new file when logging starts’ enables you to create a logging file revision. It lets the Historian release tag licensing for tag names that don’t appear in this new session.

6. The tab with the name ‘Group 1’ shows that Group 1has automatically been created. To create more groups, right click on the Group 1 tab and select ‘Add new group’.

7. Change the group name if required. Enter the machine name or IP address of the OPC DA Server if not local. If it is, leave the field blank.

8. To select the OPC Server, click on the ellipse … icon next to the ‘OPC Server’ option. A screen will pop-up which will allow you to browse between your OPC Servers.

9. Once you have selected your OPC Server, right-click on the dark grey window area below the group settings tab and choose the ‘Browse OPC Server’. Alternatively, you can press Ctrl + B.

10. A new window will pop up where you can add trends. In the ‘Name Prefix’ dropdown, select the dataset in which to log the data. Preferably the new Dataset which you created before starting the logging session.

11. In the ‘Server Nodes’ window you can browse the OPC Server structure to find the desired tags. Once you have clicked on the tags, and they are visible in the right-hand window, select all individual tags required. Use Shift to multi-select tags.

12. If you wish to prepend the tag name with its browse path, enable the ‘Prepend browser path’ option. Click on the ‘Apply’ button to select the tags which you want to log. Click ‘OK’ when done.

13. A table will appear with all the tags you selected. To select a tag row, click on the corresponding block for that row in the first column which is empty. To edit a cell, you can double click on it.

14. To delete a row, select the row and right-click to select the ‘Delete Selected Trend(s)’ option.

15. Apply and save your changes at the top of the window. Click on the ‘Start’ button to start logging data.

16. If your data is logging correctly, you will see the trend count in green at the bottom of the window, with data being logged and values changing live in the tool. That means there is no DCOM issues, and the data is being historized. If the tags are being pulled through, as in you can browse the OPC DA server, but there are no values displayed, then you probably have a DCOM permission issue.

4. Providing DCOM Permissions on the OPC DA server

Configuring DCOM permission settings on an OPC DA server can be quite a hassle, and sometimes merely impossible. That is why Canary has built and provided you with the CLIRemoteAccess application. This application will make changes to the DCOM security settings on the OPC DA server to provide access to the tag data.

  1. Navigate to the following folder (on the PC where the OPC DA server is located), C:\Program Files\Canary\Logger and launch the CLIRemoteAccess application.

2. You will see the following application open, where it explains in detail which security and permission changes will be made. Click on the ‘Make Changes’ button to proceed.

3. The application takes a few seconds to complete, and once done, you will see what changes have been made. You can exit the application when done.

4. Go back to the logger tool, stop and start the logging session you created. If successful, you will see all the live tag values being pulled through. This includes the Value, Quality and Timestamp of each tag.

5. Lastly, you can navigate to the Historian tile in the Canary Admin tool, and you’ll see your Dataset being updated. If you open the Dataset, you will find all your tags there.

5. Additional Resources

How to configure the OPC DA Collector V21