QTP/UFT support tip: DCOM configuration to run QTP/UFT tests from ALM in a remote machine
Some times user receives the following error message when executing a automated script remotely:
The RPC server is unavailable or Access is denied
Note: Executing the script locally works correctly.
The steps below provide details on how to make sure the Windows Firewall is not blocking port 135 and on how to configure DCOM permissions.
The security changes suggested below should be applied by a System Administrator.
If the firewall installed with Windows has being disabled, it is not needed to apply the steps in Part II below.
The following is the manual process for opening the firewall ports and modifying the DCOM properties for QTP / UFT, BPT, System Test, LoadRunner, and VAPI-XP.
Part I: Add the Windows user that is running the QC client to the Local Administrators group on the remote testing machine. This is required for Windows to authenticate the remote user executing the tests against the DCOM objects.
IMPORTANT: The windows user must have the exact same user name and password (ideally the same domain user here )
Part II: On the remote machine configure Windows Firewall to allow Port 135 for DCOM:
Select Start -> Control Panel -> Windows Firewall.
Navigate to the Exceptions tab.
Configure the Remote Agent to be allowed under "Programs and Services." Configuration should be done for each testing tools as given below:
QuickTest Professional Remote Agent (path: <System Drive>:\Program Files\HP\QuickTest Professional\bin\AQTRmtAgent.exe)
Execution Agent for Business Process Testing (QC path: <System Drive>:\Program Files\Common Files\Mercury Interactive\Quality Center\bp_exec_agent.exe or ALM path: <System Drive>:\Users\<WindowsUser>\AppData\Local\HP\ALM-Client\<ServerFolder>\be)
Click on <Add Port> and add the DCOM TCP port 135 to the Exceptions list.
Note: The remote agent is a DCOM object and requires port 135 to work.
Part III: Modify DCOM Security Properties:
Select Start > Run > type "dcomcnfg".
Navigate to Console Root -> Component Services -> Computers -> My Computer.
Note: If Windows Security Alert dialog window appears, click on <Ask me later> or <Unblock>
Right-click on "My Computers" and select "Properties."
Navigate to the "Default Properties" tab.
Make sure the "Default Impersonation Level" is "Identify."
Navigate to the "Default COM Security" tab.
Under "Access Permissions", click on <Edit Limits>. The "Access Permission" dialog window appears.
Click on <Add>. The "Select Users or Groups" dialog windows appear.
Click on <Advanced>.
Click on <Find Now>.
Add the following groups and users from the local machine:
Add the following groups and users from the domain:
<tdomain user logged into the QTP/UFTbox>
<domain user logged into the TD client box executing the remote execution>
Give "Local Access" and "Remote Access" permissions to the groups and users.
Under Access Permissions, repeat steps 9-17 for <Edit Default>.
Under Launch and Activation Permissions, click on <Edit Limits>. The Launch Permission dialog window appears.
Repeat steps 9-15.
Enable "Local Launch," "Remote Launch," "Local Activation," and "Remote Activation" permissions to the groups and users.
Repeat steps 20-22 for <Edit Default>.
Part IV: (for QTP / UFT only)
While still in the Component Services window, navigate to Console Root -> Component Services -> Computers -> My Computer -> DCOM Config.
Look for the following:
QuickTest Professional Automation / Unified Functional Testing Automation
TlpRmtServer (QTP only, not UFT)
For each of these DCOM applications, right click and select <Properties>.
Under the Identity tab, select <The Interactive User>. This will allow the DCOM application to authenticate the process against the logged in Windows user and run the process in that security context.