The Windows Active Directory provides central authentication and authorization services for Windows based computers. It also enables Network Administrators to assign policies, deploy software, and apply critical updates to an organization. Active Directory was designed to support hundreds of computers simultaneously.
When a users attempts to log on to a Windows computer that is on a Windows Domain, Windows automatically attempts to verify the user’s password with the Active Directory (which typically resides on a separate central computer).
OPC communication is based on DCOM, which uses the Microsoft Active Directory to authenticate users, when the computer is connected to a Windows Domain. In other words, the authentication is not done by the computer on which the user is logging on.
If the computer is connected to a Workgroup, Windows does not use the Active Directory. Instead, Windows authenticates users against User Name and Password combinations that Windows stores locally.
OPC uses the authentication capabilities that Windows provides. Thus, access to the Active Directory is very important for OPC applications to work properly.
See also: Authentication, DNS, Domain, Workgroup