How to set DCOM and Local security policy settings for Agilent LC/GC, ICF-based instruments - WKB121320

ENVIRONMENT

• Agilent Instrument Control Framework
• Empower 3 Enterprise
• Agilent LC
• Agilent GC

ANSWER

Ensure that you have the correct settings for Everyone, Authenticated Users, and Domain Users. Below are the steps to follow to set them on LAC/E. When you are done, reboot the LAC/E.

Verify that Everyone or Authenticated Users and Domain Users are granted Local and Remote Access (if users are not available, you need to add Everyone or Authenticated Users and Domain Users to the list and provide the settings below). Note correct naming and also access levels need to be checked for Everyone

• In Component Services > Computers > Properties > COM Security > Access Permission, select the Allow check box for Local Access and Remote Access for Everyone or Authenticated Users and Domain Users.

• In Component Services > Computers > Properties > COM Security > Launch and Activation Permissions, select Everyone or Authenticated Users in the Group and then select Allow for Local Launch, Remote Launch, Local Activation, and Remote Activation Permissions. Repeat the same for Domain Users.

• In Local Security Policy > Security Settings > Local Policies > Security Options > DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax > Edit Security, select the Allow check box for Local Access and Remote Access for Everyone or Authenticated Users and Domain Users.

• In Local Security Policy > Security Settings > Local Policies > Security Options > DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax > Edit Security > Launch and Activation Permissions, select Everyone or Authenticated Users in the Group, and then select Allow for Local Launch, Remote Launch, Local Activation, and Remote Activation Permissions. Repeat the same for Domain Users.

ADDITIONAL INFORMATION