To be able to access the Siemens Sinumerik 840D built in OPC DA (=Classic) Servers OPC.SINUMERIK.Machineswitch and OPC.SinumerikEvents (Alarm Server) from a remote PC that is member of a workgroup or a domain via Ethernet some configuration tasks are necessary.
Note: If you want to avoid wasting your time do NOT use any of the solutions that can be found on the internet about configuring DCOM or OPC security. None of them works in this case.
The Sinumerik OPC servers heavily rely on DCOM. Successful communication between client and server requires proper authentication, nothing more.
Start up the controller in service mode without HMI.
It is recommended that you turn off simple sharing. Click Start->Run type in eplorer.exe click on Tools->Folder Options. In tab View uncheck ‘Use simple file sharing (Recommended)’. Click OK.
Just in case you have the firewall enabled proceed as follows: The most simple way to avoid communication problems is to turn off the firewall. Click on Start->Settings->Control Panel->Windows Firewall. Click on Off (not recommended) followed by OK. You’re done.
If you want to keep the firewall switched on you have to adjust some settings.
Add Port 135 to exceptions.
Check ‘File and Printer Sharing’.
Add program ‘Simatic OPC Server’ (..\mmc2\opc\dataaccess\SOPC_MachineSwitch.exe)*
Add program ‘OPCSinumerikAlarm.exe’ (..\mmc2\opc\alarmevent\OPCSinumerikAlarm.exe)*
* Depending on the setup of your controller these files may be stored at a different location.
FIG 1: Firewall settings on Sinumerik 840D
Restart the controller in normal mode to enable HMI again.
Either click on Start->Programs->Administrative Tools->Component Services or Start->Run and type in dcomcnfg and click OK. Expand Component Services->Computers->My Computer Right click My Computer select Properties Open tab Default Properties Make sure that Enable Distributed COM on this computer is checked.
On top you see the IP Address (1) of your controller, click on button Ping (2) right to it.
Under Status you should see something like ‘… Reply from 192.168.1.100: bytes=14 time=
Next click on button Connect (3). If it works you should see ‘…DCOM Connect Succeeded’.
All fields in sections ‘Com Security Initialize’ (4) and ‘CoCreateInstance’ (5) are preset with values that should work. So usually no changes have to be made here. Of course you can run tests with different parameters..
Authentication service to use default: RPC_C_AUTHN_WINNT (RPC_C_AUTHN_GSS_NEGOTIATE and RPC_C_AUTHN_DEFAULT work also) Authorization service to use default: RPC_C_AUTHZ_NONE Authentication level default: RPC_C_AUTHN_LEVEL_CONNECT (only RPC_C_AUTHN_LEVEL_NONE, does not work!)
In section User (6) you can optionally set specific domain, and usernames and passwords for access to your controller in the form of DOMAINNAME,USERNAME,PASSWORD separated by commas. If you controller is member of a workgroup use a dot instead of domain name.