TD远程启动QTP无权限问题

前天一位前同事询问我关于qtp自动化框架的问题，自动化的测试做过一些，对框架也有一定的了解，但是一直没有搭建一个过自动化测试的框架，所以帮她研究了一下TD+QTP的自动化框架，在学习搭建过程中遇到问题无数，呵呵，真是好事多磨啊，但是一般问题网上都很好找到答案。唯有利用TD远程调用QTP测试服务机TD系统报“没有权限”，这个问题在网上找了很久才找到一个解决问题的方法，所以拿出来给大家分享一下，希望遇到此问题的测试同仁能很快的解决此问题

Solution: Change the DCOM permissions on the Windows XP SP2 client to allow for remote execution

Notes:

The security changes suggested below should be applied by your System Administrator. Please contact Microsoft Support if you have questions regarding changes in DCOM securities caused by installing Windows XP SP2.

If you disable the firewall installed with Windows XP SP2, you do not need to apply the steps in Part II below. However, a utility (CPT33502C.zip) has been created to automate the steps for opening the ports outlined in Part II.

Part III - VI can be applied automatically by running the attached batch file included in CPT33502B.zip. You will need to extract the contents of this zip file to a temp directory and execute the SetWRandQTPIPDCOM.bat file. The batch file (CPT33502B.zip) will use the dcomperm.exe (CPT33502D.zip) provided by Microsoft to update the DCOM properties of the remote agents for WR, QTP, BPT, System Test, and VAPI-XP. Your system administrator should be able to run this batch file across the network to update each Windows XP SP2 machine. If you apply the batch file, you do not need to implement the steps in Part III - VI below.
The following is the manual process for openning the firewall ports and modifying the DCOM properties for WR, QTP, BPT, System Test, and VAPI-XP.

Part I:
Add both machines into the same domain. For the domain users logged into both machines, add these domain users to the Local Administrators group on the QTP/WR machine. This is required for Windows to authenticate the remote user executing the tests against the DCOM objects.

Part II:
On the Testing Tool client machine configure Windows Firewall to allow Port 135 for DCOM:
1. Select Start -> Control Panel -> Windows Firewall.
2. Navigate to the Exceptions tab.
3. Configure the Remote Agent to be allowed under "Programs and Services." Configuration should be done for each testing tools as given below:

WinRunner Remote Agent (path: <System Drive>:\Program Files\Common Files\Mercury Interactive\WR_Remoter\wrrmtsrv.exe)
QuickTest Professional Remote Agent (path: <System Drive>:\Program Files\Mercury Interactive\QuickTest Professional\bin\AQTRmtAgent.exe)
Execution Agent for Business Process Testing (path: <System Drive>:\Program Files\Common Files\Mercury Interactive\TD2000_80\bp_exec_agent.exe)
4. Click on <Add Port> and add the DCOM TCP port 135 to the Exceptions list.
Note: The WR remote agent is a DCOM object and requires port 135 to work. The list of "Port Assignments for Commonly-Used Services" is provided in the URL below:
http://www.microsoft.com/resourc... t/cnfc_por_SIMW.asp

Part III:
Modify DCOM Security Properties:
1. Select Start -> Run and enter dcomcnfg.
2. Navigate to Console Root -> Component Services -> Computers -> My Computer.
Note: If Windows Security Alert dialog window appears, click on <Ask me later> or <Unblock>.
3. Right-click on My Computers and select "Properties."
4. Navigate to the Default Properties tab.
5. Make sure the Default Impersonation Level is "Identify."
6. Click <Apply>.
7. Navigate to the Defualt COM Security tab.
8. Under Access Permissions, click on <Edit Limits>. The Access Permission dialog window appears.
9. Click on <Add>. The Select Users or Groups dialog windows appear.
10. Click on <Advanced>.
11. Click on <Find Now>.
12. Add the following groups and users from the local machine (below is an example screenshot):

Administrator
Administrators
Authenticated User
Anonymous Logon
Everyone
Interactive
Network
System

13. Click <OK>.
14. Add the following groups and users from the domain:

<tdomain user logged into the QTP/WR box>
<domain user logged into the TD client box executing the remote execution>

15. Click <OK>.
16. Give "Local Access" and "Remote Access" permissions to the groups and users.
17. Click <OK>.
18. Under Access Permissions, repeat steps 9-17 for <Edit Default>.
19. Under Launch and Activation Permissions, click on <Edit Limits>. The Launch Permission dialog window appears.
20. Repeat steps 9-15.
21. Enable "Local Launch," "Remote Launch," "Local Activation," and "Remote Activation" permissions to the groups and users.
22. Click <OK>.
23. Repeat steps 20-22 for <Edit Default>.
Part IV: (for QTP only)
1. While still in the Component Services window, navigate to Console Root -> Component Services -> Computers -> My Computer -> DCOM Config.
2. Look for the following.

AQTRmtAgent
QuickTest Professional Automation
TlpRmtServer

3. For each of these DCOM applications, right click and select <Properties>.
4. Under the Identity tab, select <The Interactive User>. This will allow the DCOM application to authenticate the process against the logged in Windows user and run the process in that security context.
5. Next, go to the Security tab.
6. For both the <Launch and Activation Permissions> and <Access Permissions>, select <Use Default>. This will use the Default security settings as we did in Part III.
7. Click Apply, then OK to commit the changes.
8. Now, you are ready to run a remote execution test with QTP.
Example Screenshot of the Security Configuration (see word attachment)
Part V: (for WR only)
1. While still in the Component Services window, navigate to Console Root -> Component Services -> Computers -> My Computer -> DCOM Config.

2. Look for the following:

{0B171F02-F204-11D0-9398-0080C837F11F}
Wrun Document

3. For each of these DCOM applications, right click and select <Properties>.
4. Under the Identity tab, select <The Interactive User>. This will allow the DCOM application to authenticate the process against the logged in Windows user and run the process in that security context.
5. Next, go to the Security tab.
6. For both the <Launch and Activation Permissions> and <Access Permissions>, select <Use Default>. This will use the Default security settings as we did in Part III.
7. Click Apply, then OK to commit the changes.
8. Now, you are ready to run a remote execution test with WR.
Part VI: (For System Test, BPT, and VAPI-XP)
Repeat the procedure outlined in Part V above but replace the WR Application ID in step 2 with the appropriate one for each of the remote agent listed below:

Vapi-XP object
{CD70EDCE-7777-11D2-9509-0080C82DD192}

Business Process Testing object
{6A03829E-EC39-4802-A631-3841484EFBE3}

System Test Remote Agent
{1B78CAE4-A6A8-11D5-9D7A-000102E1A2A2}

Notes:

If you have not configured the Remote Agent to be allowed under "Programs and Services," a Windows Security Alert message will appear while running a test remotely. Click <Unblock> to resolve this problem. The next time you execute an automated scrīpt, the warning will not appear.
If after performing all the described steps and you still receive "The RPC server is unavailable" message, create some shared folder anywhere on the Testing Tool machine.
Below is a list of supported Mercury's Testing Tools on Windows XP SP2:

TestDirector Version Testing Tool Testing tool versions
TestDirector for Quality Center 8.2 QuickTest Professional 8.2
  WinRunner 8.0, 8.2
  Business Process Testing 8.2
TestDirector 8.0 SP2 QuickTest Professional 8.2
  WinRunner 8.0, 8.2