Configuring Policy Settings To Allow Windows XP SP2 and Windows Server 2003 Interoperability Overview When making OPC connections from XP SP2 to Windows Server 2003 there are some additional settings that should be checked. This is important when the two computers are not under the same domain when logged in. Updates to both XP SP2 and Windows Server 2003 have made changes to the local Policy settings and it is entirely possible that these updates have restricted systems that we otherwise once working. This document assumes that all DCOM security settings are configured in accordance with our recommendations. Local Security Settings The settings outlined in this document must be checked on both the OPC Server and OPC Client computer(s). The Local Security Settings can be found: START > Control Panel > Administrative Tools > Local Security Settings The Local Security Settings window is shown below: Expand the Local Policies folder and go the Security Options (shown in gray). DCOM Policies Locate the following options: DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Both of these options should be set to "NOT DEFINED". If either of these are defined, then you will need to work with an IT professional or network administrator who has the necessary rights to be able to access and modify these policies. Network Access - Everyone Permissions We need to to let Everyone permissions also apply to anonymous users. Locate the following options: Network access: Let Everyone permissions apply to anonymous users These settings default to "disabled". We recommend enabling these options by right-clicking on them and changing the setting as shown below: Click the OK button to save the setting and close the window. Network Access - Sharing and Security Model We need to configure the sharing and security model for local accounts. Locate the following options: Network access: Sharing and security model for local accounts This setting now has a default value of "Guest only" which can prevent OPC connections. Right click on this policy and open its Properties: Change the setting to "Classic" as shown above, then click OK to save and close the window. Summary These changes are required for OPC Connections between Windows XP SP2 and Windows Server 2003 computers when communicating in a workgroup.