Microsoft KB Archive/883960

= How to enable MSDTC communications with Commerce Server 2002 Developer Edition in Windows XP Service Pack 2 (SP2) =

Article ID: 883960

Article Last Modified on 8/12/2004

-

APPLIES TO


 * Microsoft Commerce Server 2002 Developer Edition
 * Microsoft Windows XP Service Pack 2

-



Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.



SUMMARY
''After you install Microsoft Windows XP Service Pack 2 (SP2), any sites that are hosted by Microsoft Commerce Server 2002 Developer Edition and that connect to a Microsoft Windows 2000 Server or a Microsoft Windows Server 2003 Microsoft SQL Server backend may not be able to perform network Microsoft Distributed Transaction Coordinator (MSDTC) operations. Windows XP SP2 includes Microsoft Windows Firewall, the updated firewall software that replaces Internet Connection Firewall (ICF). If Windows Firewall blocks a port that is used by a service or by a program, you can configure the Windows Firewall to create an exception. For MSDTC to work correctly, you must create an Exception in the Windows Firewall.''



MORE INFORMATION
After you install Windows XP SP2, Commerce Server 2002 sites that are hosted on Windows XP SP2 and that connect to a Windows 2000 Server or a Windows Server 2003 SQL Server backend may not be able to perform network MSDTC operations.

You may receive error messages that indicate problems with MSDTC. For example, you may receive the following error message during a checkout:

New transaction cannot enlist in specified transaction coordinator.

After you install Windows XP SP2, take the following actions:
 * Turn on Network MSDTC Access.
 * Change your Windows Firewall configuration.

Turn on Network MSDTC Access

 * 1) Open the Component Services Microsoft Management Console (MMC) snap-in. To do this, use one of the following methods:
 * 2) * In Control Panel, open Administrative Tools, and then double-click Component Services.
 * 3) * Click Start, click Run, type %windir%\System32\Com\Comexp.msc, and then click OK.
 * 4) In the left pane, expand Component Services. If a dialog box appears, click Unblock.
 * 5) Expand Computers, expand My Computer, right-click My Computer, and then click Properties. The My Computer Properties dialog box appears.
 * 6) On the MSDTC tab, click Security Configuration under Transaction Configuration, and then click to select the Network DTC Access check box.
 * 7) Note Only if you are connecting to a Windows 2000 Server from a Windows XP SP2 computer, click No Authentication Required under Transaction Manager Communication.
 * 8) In the Security Configuration dialog box, click OK.
 * 9) In the MS DTC service will be stopped and restarted. All dependent services will be stopped. Please press Yes to proceed dialog box, click Yes.
 * 10) In the My Computer Properties dialog box, click OK two times to return to the Component Services MMC snap-in.

Change your Windows Firewall configuration
Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

Important Every time that you enable an exception for a program or a service to communicate through Windows Firewall, your computer is made more vulnerable. We recommend that you only enable an exception when you really need it, never enable an exception for a program that you do not recognize, and remove an exception when you no longer need it.

To change your Windows Firewall configuration, follow these steps:
 * 1) Log on as an administrator.
 * 2) Click Start, click Run, type Wscui.cpl, and then click OK.
 * 3) In the Windows Security Center window, click Windows Firewall.
 * 4) On the Exceptions tab, click Add Program.
 * 5) In the list of programs, click Browse, and then locate %WINDIR%\System32\Msdtc.exe.
 * 6) Click OK to return to the Exceptions tab.
 * 7) Click Add Port, and then click Open.
 * 8) In the Name box, type a friendly name such as Port 135 for MSDTC.
 * 9) In the Port Number box, type a port number, and then click TCP. For example, the port number could be 135.
 * 10) Click OK, and then follow the prompts when you return to the Firewall Exceptions dialog box. You may have to restart your computer.

