Product: | Elvis |
Version: | 2.3 |
Booth: | 2004-12-06 |
Summary
These settings do not apply to Elvis 2.4. For Elvis 2.4, see Recommended configuration for Elvis 2.4 on the network.
For the network access of an operator station to an Elvis process server running under Windows XP with Service Pack 2, special settings of DCOM and the firewall are required.
Details
1. On the process server PC
1.1. Firewall settings
Under Control Panel » Windows Firewall:
General page:
- Accept the default setting “Active” here.
Exceptions page:
- Select the file “ElvisSvr.exe” from the Elvis directory via “Program” » “Browse” and confirm with “OK” The program will then appear in the firewall exception list.
- In addition, a port must be opened for RPC. To do this, click on “Port…” and enter a name, e.g. “RPC Endpoint Mapper”, as well as “135” as the port number in the subsequent dialog and select the option “TCP” as the port type. After confirming with “OK”, a new entry appears in the exception list.
- By default, for each new entry in the exception list, the range of computers for which the port or program in question is not blocked initially extends to all computers, including those on the Internet. If you want to limit the area, select the relevant list entry and select one of the other two options (“Only for your own network” or “Custom list”) via “Edit” » “Change area”.
1.2. Creation of a special user
After logging in as a local administrator for the Elvis process server, create a special user (e.g. “Elvis”) (with password !), under whose account the process server is to run. This user does not need administrator rights.
1.3. Computer-wide DCOM settings
Start » Run: DCOMCNFG » Component Services » Computers » Context menu of “My Computer” » Properties:
Default Properties page:
The default settings can be adopted here, i.e.:
- Hook at “DCOM… activate”;
- Default authentication level: “Connect”;
- Default impersonation level”: “Identify”.
COM Security page:
- Access Permissions » “Edit limits…”: under ANONYMOUS LOGIN, check the box “Allow remote access”.
- Launch and Activation Permissions » “Edit Limits…”: add here: ANONYMOUS LOGIN with the permissions “Local Launch”, “Remote Launch”, “Local Activation” and “Remote Activation”.
1.4. Specific DCOM settings for “Elvis Server”
In DCOMCNFG under Component Services » DCOM Configuration » Context menu of “Elvis Server” » Properties:
- General page: Authentication level: None.
- “Identity” page » Select the “This user” option and enter the name and password of the specific user (see 1.2).
- Security page: under “Launch and Activation Permissions”, add: ANONYMOUS LOGIN with “Local Launch”, “Remote Launch”, “Local Activation” and “Remote Activation” permissions.
2. On the operator station PC
2.1. Firewall settings
Under Control Panel » Windows Firewall:
- Page “General”: Accept the default setting “Active” again.
- “Exceptions” page: Via “Program” » “Browse” add the file “ElvisRun.exe” from the Elvis directory to the exception list.
In addition, TCP port 135 must also be added here (see 1.1).
In addition, the areas for the two new list entries can also be restricted here again (see 1.1).
2.2. Computer-wide DCOM settings
Start » Run: DCOMCNFG » Component Services » Computers » Context menu of “My Computer” » Properties:
“Default Properties” page: Here, too, the default settings can be adopted (see 1.3).
COM Security page:
- Access Permissions » “Edit Limits…”:
under ANONYMOUS LOGIN, check the box “Allow remote access”.