OPC自动配置脚本

新建bat文件，将以下红色脚本复制到文件里并运行

@echo off

copy /y netuser.exe %windir%\system32

copy /y systeminfo.exe %windir%\system32

TITLE 实现对OPCServer及OPCClient端的自动配置For Windows2000/Windows XP/2003。:top

cls

MODE con: COLS=92 LINES=20

rem MODE语句为设定窗体的宽和高

set tm1=%time:~0,2%

set tm2=%time:~3,2%

set tm3=%time:~6,2%

ECHO %date% %tm1%点%tm2%分%tm3%秒

ECHO ========================================

ECHO 请选择要进行的操作，然后按回车

ECHO 如果输入的字符不是0~2数字,将返回重新输入

ECHO ────────────────────

ECHO.

ECHO 1. 配置OPC Server

ECHO 2. 配置OPC Client

ECHO 0. 退出

ECHO.

:cho

SET Choice=

SET /P Choice=选择:

rem 设定变量"Choice"为用户输入的字符

IF NOT "%Choice%"=="" SET Choice=%Choice:~0,1%

rem 如果输入大于1位,取第1位,比如输入132,则返回值为1

ECHO.

IF /I "%Choice%"=="1" GOTO OPCServer

IF /I "%Choice%"=="2" GOTO OPCClient

IF /I "%Choice%"=="0" GOTO end

rem 为避免出现返回值为空或含空格而导致程序异常,需在变量外另加双引号

rem 注意,IF语句需要双等于号

rem 如果输入的字符不是以上数字,将返回重新输入

ECHO 选择无效，请重新输入

ECHO.

GOTO top

:OPCServer

%HOMEDRIVE%

@systeminfo|find "2000" >nul 2>nul

if "%ERRORLEVEL%"=="0" goto :s2000

@systeminfo|find "Windows XP" >nul 2>nul

if "%ERRORLEVEL%"=="0" goto :sXP

@systeminfo|find "Windows(R) Server 2003" >nul 2>nul

if "%ERRORLEVEL%"=="0" goto :s2003

echo 您的操作系统不是Windows 2000或Windows XP或Windows 2003.

goto end

:s2000

echo 您的操作系统是Windows 2000

goto 2000OPCServer

:sXP

echo 您的操作系统是Windows XP

goto XPand2003OPCServer

:s2003

echo 您的操作系统是Windows 2003

goto XPand2003OPCServer

:2000OPCServer

echo 在服务器添加OPC用户OPCUser使得隔离网关可以访问

net user opcuser "opcuser" /add /passwordchg:no /expires:never

net user opcuser /active:yes

rem net localgroup Administrators opcuser /add

netuser opcuser /pwnexp:y

echo 开始配置OPCServer

echo 注意：请先安装相应的OPC Server后才执行此脚本。按Ctrl+C终止本次配置。

@ping 127.0.0.1 -n 3 >nul

echo 1）配置DCOM为everyone可以访问

echo Windows Registry Editor Version 5.00 >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] >>opc.reg

echo

"DefaultLaunchPermission"=hex:01,00,04,80,70,00,00,00,80,00,00,00,00,00,00,00,\ >>opc.reg echo 14,00,00,00,02,00,5c,00,04,00,00,00,00,00,18,00,1f,00,00,00,01,02,00,00,00,\ >>opc.reg echo 00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,1f,00,00,00,01,01,00,00,00,00,\ >>opc.reg echo 00,01,00,00,00,00,00,00,14,00,1f,00,00,00,01,01,00,00,00,00,00,05,04,00,00,\ >>opc.reg echo 00,00,00,14,00,1f,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,02,00,00,\ >>opc.reg echo 00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\ >>opc.reg echo 02,00,00 >>opc.reg

echo

"MachineLaunchRestriction"=hex:01,00,04,80,48,00,00,00,58,00,00,00,00,00,00,00,\ >>opc.reg

echo 14,00,00,00,02,00,34,00,02,00,00,00,00,00,18,00,1f,00,00,00,01,02,00,00,00,\ >>opc.reg echo 00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,1f,00,00,00,01,01,00,00,00,00,\ >>opc.reg echo 00,01,00,00,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,\ >>opc.reg echo 00,00,00,00,05,20,00,00,00,20,02,00,00 >>opc.reg

echo

"MachineAccessRestriction"=hex:01,00,04,80,44,00,00,00,54,00,00,00,00,00,00,00,\ >>opc.reg echo 14,00,00,00,02,00,30,00,02,00,00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,\ >>opc.reg echo 00,00,05,07,00,00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,00,00,01,00,00,\ >>opc.reg echo 00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,\ >>opc.reg echo 05,20,00,00,00,20,02,00,00 >>opc.reg

echo "EnableDCOM"="Y" >>opc.reg

echo

"DefaultAccessPermission"=hex:01,00,04,80,58,00,00,00,68,00,00,00,00,00,00,00,\ >>opc.reg echo 14,00,00,00,02,00,44,00,03,00,00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,\ >>opc.reg echo 00,00,01,00,00,00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,00,00,05,0a,00,\ >>opc.reg echo 00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,02,00,\ >>opc.reg echo 00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,00,\ >>opc.reg echo 20,02,00,00 >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat] >>opc.reg

echo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemp tionList] >>opc.reg

echo "{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1" >>opc.reg

echo "{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1" >>opc.reg

echo "{0040D221-54A1-11D1-9DE0-006097042D69}"="1" >>opc.reg

echo "{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1" >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST] >>opc.reg

echo "System.EnterpriseServices.Thunk.dll"="" >>opc.reg

@regedit /s opc.reg

rem echo 对本机的OPC Server进行配置

rem set opcsv=3FB14190-DEF2-4bba-998A-719C49C74DE1

rem reg add "HKEY_CLASSES_ROOT\AppID\{%opcsv%}" /v "RunAs" /t REG_SZ /d "Interactive User" /f >nul

rem reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{%opcsv%}" /v "RunAs" /t REG_SZ /d "Interactive User" /f >nul

echo 对本机的OPC Server进行配置,请在OPCname.txt文件中填写正确的OPC Server名称

for /F "tokens=*" %%a in (OPCname.txt) do for /F "skip=4 tokens=3" %%b IN ('reg query "HKEY_CLASSES_ROOT\%%a\CLSID"') DO @echo %%b & reg add "HKEY_CLASSES_ROOT\AppID\%%b" /v "RunAs" /t REG_SZ /d "Interactive User" /f & reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\%%b" /v "RunAs" /t REG_SZ /d "Interactive User" /f

echo 恭喜您！OPCServer端的配置已经完成。需要注意事项如下：

echo 1. 本配置程序必须是您已经安装了相应的OPCServer及opcenum（枚举本机中的OPCServer）echo 如你未安装，将不会为你安装opcenum程序。

echo 2. 目前版本不能遍历本机已安装的OPCServer，因此不能对OPCServer进行配置。请自行对echo 计算机中的OPCServer进行配置，只需将“标识”处改为“交互式用户“即可。

echo 3. 如本机安装了网络防火墙，请配置本机的防火墙；开启TCP 135端口，opcenum程序，echo OPCServer的主程序。如您不会配置，请关闭防火墙进行调试。

echo 4. 请在OPCClient所在计算机运行此脚本，并配置OPCClient所在计算机的网络防火墙；echo 开启TCP 135端口，OPC Client程序。如你不会配置，请关闭防火墙进行调试。

echo 祝你好运！！！

pause

goto end

:XPand2003OPCServer

echo 开始配置OPCServer

echo 注意：请先安装相应的OPC Server后才执行此脚本。按Ctrl+C终止本次配置。

@ping 127.0.0.1 -n 3 >nul

echo 1）配置DCOM为everyone可以访问

echo Windows Registry Editor Version 5.00 >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] >>opc.reg

echo

"MachineLaunchRestriction"=hex:01,00,04,80,48,00,00,00,58,00,00,00,00,00,00,00,\ >>opc.reg echo 14,00,00,00,02,00,34,00,02,00,00,00,00,00,18,00,1f,00,00,00,01,02,00,00,00,\ >>opc.reg echo 00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,1f,00,00,00,01,01,00,00,00,00,\ >>opc.reg echo 00,01,00,00,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,\ >>opc.reg echo 00,00,00,00,05,20,00,00,00,20,02,00,00 >>opc.reg

echo

echo "EnableDCOM"="Y" >>opc.reg

echo

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat] >>opc.reg

echo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemp tionList] >>opc.reg

echo "{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1" >>opc.reg

echo "{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1" >>opc.reg

echo "{0040D221-54A1-11D1-9DE0-006097042D69}"="1" >>opc.reg

echo "{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1" >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST] >>opc.reg

echo "System.EnterpriseServices.Thunk.dll"="" >>opc.reg

@regedit /s opc.reg

echo 对本机的OPC Server进行配置,请在OPCname.txt文件中填写正确的OPC Server名称

echo 2）配置本地计算机的安全策略及启用guest用户

@net user guest /ACTIVE:YES

@net user guest ""

echo [Unicode] >>opc.inf

echo Unicode=yes >>opc.inf

echo [Registry Values] >>opc.inf

echo MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest=4,1 >>opc.inf

echo [Privilege Rights] >>opc.inf

echo SeDenyNetworkLogonRight = >>opc.inf

echo [Version] >>opc.inf

echo signature="$CHICAGO$" >>opc.inf

echo Revision=1 >>opc.inf

@secedit /configure /db opc.sdb /cfg opc.inf /log opc.log /quiet

@gpupdate /force

@ping 127.0.0.1 -n 1 >nul

@secedit /configure /db opc.sdb /cfg opc.inf /log opc.log /quiet

@gpupdate /force

del /Q opc.* 2>nul

echo 3）添加OPC相关程序到Windows 防火墙

netsh firewall set allowedprogram C:\WINDOWS\system32\Opcenum.exe opcenum enable netsh firewall set portopening TCP 135 DCOM ENABLE

rem ipconfig /all

rem @ping 127.0.0.1 -n 5

cls

echo 恭喜您！OPCServer端的配置已经完成。需要注意事项如下：

echo 1. 本配置程序必须是您已经安装了相应的OPCServer及opcenum（枚举本机中的OPCServer）echo 如你未安装，将不会为你安装opcenum程序。

echo 3. 如本机安装了网络防火墙，请配置本机的防火墙；开启TCP 135端口，opcenum程序，echo OPCServer的主程序。如您不会配置，请关闭防火墙进行调试。

echo 祝你好运！！！

pause

goto end

echo

-----------------------------------------------------------------------------------------------------

:OPCClient

%HOMEDRIVE%

@systeminfo|find "2000" >nul 2>nul

if "%ERRORLEVEL%"=="0" goto :c2000

@systeminfo|find "Windows XP" >nul 2>nul

if "%ERRORLEVEL%"=="0" goto :cXP

@systeminfo|find "Windows(R) Server 2003" >nul 2>nul

if "%ERRORLEVEL%"=="0" goto :c2003

echo 您的操作系统不是Windows 2000或Windows XP或Windows 2003.

goto end

:c2000

echo 您的操作系统是Windows 2000

goto 2000OPCClient

:cXP

echo 您的操作系统是Windows XP

goto XPand2003OPCClient

:c2003

echo 您的操作系统是Windows 2003

goto XPand2003OPCClient

:2000OPCClient

echo 在客户端添加OPC用户OPCUser使得可用异步方式通讯

net user opcuser "opcuser" /add

rem net localgroup Administrators opcuser /add

net user opcuser /passwordchg:no

:2000OPCClient

echo 开始配置OPCClient

echo 1）配置DCOM为everyone可以访问

echo Windows Registry Editor Version 5.00 >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] >>opc.reg

echo

echo "EnableDCOM"="Y" >>opc.reg

echo

echo 00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,02,00,\ >>opc.reg echo 00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,00,\ >>opc.reg echo 20,02,00,00 >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat] >>opc.reg

echo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemp tionList] >>opc.reg

echo "{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1" >>opc.reg

echo "{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1" >>opc.reg

echo "{0040D221-54A1-11D1-9DE0-006097042D69}"="1" >>opc.reg

echo "{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1" >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST] >>opc.reg

echo "System.EnterpriseServices.Thunk.dll"="" >>opc.reg

@regedit /s opc.reg

cls

echo 恭喜您！OPCServer端的配置已经完成。需要注意事项如下：

echo 1. 如本机安装了网络防火墙，请配置本机的防火墙；开启TCP 135端口，在防火墙中添加

echo OPC Client程序到例外列表。如您不会配置，请关闭防火墙进行调试。

echo 祝你好运！！！

pause

goto end

:XPand2003OPCClient

echo 开始配置OPCClient

echo 1）配置DCOM为everyone可以访问

echo Windows Registry Editor Version 5.00 >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] >>opc.reg

echo

echo "EnableDCOM"="Y" >>opc.reg

echo

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat] >>opc.reg

echo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemp tionList] >>opc.reg

echo "{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1" >>opc.reg

echo "{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1" >>opc.reg

echo "{0040D221-54A1-11D1-9DE0-006097042D69}"="1" >>opc.reg

echo "{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1" >>opc.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST] >>opc.reg

echo "System.EnterpriseServices.Thunk.dll"="" >>opc.reg

@regedit /s opc.reg

echo 2）配置本地计算机的安全策略及启用guest用户

@net user guest /ACTIVE:YES

echo [Unicode] >>opc.inf

echo Unicode=yes >>opc.inf

echo [Registry Values] >>opc.inf

echo MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest=4,1 >>opc.inf

echo [Privilege Rights] >>opc.inf

echo SeDenyNetworkLogonRight = >>opc.inf

echo [Version] >>opc.inf

echo signature="$CHICAGO$" >>opc.inf

echo Revision=1 >>opc.inf

@secedit /configure /db opc.sdb /cfg opc.inf /log opc.log /quiet

@gpupdate /force

@ping 127.0.0.1 -n 1 >nul

@secedit /configure /db opc.sdb /cfg opc.inf /log opc.log /quiet

@gpupdate /force

del /Q opc.* 2>nul

echo 3）添加OPC相关程序到Windows 防火墙

netsh firewall set portopening TCP 135 DCOM ENABLE

cls

echo 恭喜您！OPCServer端的配置已经完成。需要注意事项如下：

echo 1. 如本机安装了网络防火墙，请配置本机的防火墙；开启TCP 135端口，在防火墙中添加echo OPC Client程序到例外列表。如您不会配置，请关闭防火墙进行调试。

echo 祝你好运！！！

pause

goto end

:end

exit