Microsoft KB Archive/918327

= FIX: The Distributed Transaction Coordinator service security settings revert to the default settings =

Article ID: 918327

Article Last Modified on 6/23/2006

-

APPLIES TO


 * Microsoft COM+ 2.0 Standard Edition

-





SYMPTOMS
When you elevate a computer that is running the Microsoft Distributed Transaction Coordinator (MSDTC) service to be a primary domain controller, the following events occur in the following order:
 * The Distributed Transaction Coordinator service recognizes this change.
 * The Distributed Transaction Coordinator service security settings revert to the default settings.
 * The Distributed Transaction Coordinator service restarts.
 * XA transaction support is turned off.



CAUSE
This behavior occurs because the Distributed Transaction Coordinator service is designed to default back to a secure setting when a computer that is running the Distributed Transaction Coordinator service has been made a domain controller.



RESOLUTION
To resolve this behavior, manually check which security settings are enabled on the computer before the computer that is running the Distributed Transaction Coordinator service is made a domain controller. After the computer is made a domain controller, manually reset the security settings to their previous settings. For more information about the Distributed Transaction Coordinator service, click the following article number to view the article in the Microsoft Knowledge Base:

899191 New functionality in the Distributed Transaction Coordinator service in Windows Server 2003 Service Pack 1 and in Windows XP Service Pack 2



STATUS
This behavior is by design.



Steps to reproduce the behavior
 Configure two domain controllers in a domain. Configure the Distributed Transaction Coordinator service security settings. To do this, follow these steps:  Open Component Services. Expand Component Services, expand Computers, right-click My Computer, and then click Properties. Click the MSDTC tab, and then click Security Configuration.</li> Click to select the Allow Inbound check box, and then click OK.</li> Click OK to close the My Computer Properties dialog box.</li></ol> </li> Set the primary domain controller (PDC) role to the computer that is running the Distributed Transaction Coordinator service. The Distributed Transaction Coordinator service will restart.</li> Examine the security setting that you set in step 2. The Allow Inbound check box is no longer selected.</li></ol>

Additional query words: MSDTC

Keywords: kbinfo kbtshoot kbdtc kbprb KB918327

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.