https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/250367&feed=atom&action=history
Microsoft KB Archive/250367 - Revision history
2024-03-29T05:18:31Z
Revision history for this page on the wiki
MediaWiki 1.39.3
https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/250367&diff=377252&oldid=prev
X010: Text replacement - """ to """
2020-07-21T12:52:16Z
<p>Text replacement - """ to """</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en-GB">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 12:52, 21 July 2020</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l90">Line 90:</td>
<td colspan="2" class="diff-lineno">Line 90:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><li>In the '''Multi-String Editor''' dialog box, in the '''Data''' box, specify the port or ports you want RPC to use for dynamic port allocation, and then click '''OK'''.<br /></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><li>In the '''Multi-String Editor''' dialog box, in the '''Data''' box, specify the port or ports you want RPC to use for dynamic port allocation, and then click '''OK'''.<br /></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><br /></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><br /></div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Each string value you type specifies either a single port or an inclusive range of ports. For example, to open port 5000, specify <del style="font-weight: bold; text-decoration: none;">&quot;</del>5000<del style="font-weight: bold; text-decoration: none;">&quot; </del>without the quotation marks. To open ports 5000 to 5020 inclusive, specify <del style="font-weight: bold; text-decoration: none;">&quot;</del>5000-5020<del style="font-weight: bold; text-decoration: none;">&quot; </del>without the quotation marks. You can specify multiple ports or ports ranges by specifying one port or port range per line. All ports must be in the range of 1024 to 65535. If any port is outside this range or if any string is invalid, RPC will treat the entire configuration as invalid.<br /></div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Each string value you type specifies either a single port or an inclusive range of ports. For example, to open port 5000, specify <ins style="font-weight: bold; text-decoration: none;">"</ins>5000<ins style="font-weight: bold; text-decoration: none;">" </ins>without the quotation marks. To open ports 5000 to 5020 inclusive, specify <ins style="font-weight: bold; text-decoration: none;">"</ins>5000-5020<ins style="font-weight: bold; text-decoration: none;">" </ins>without the quotation marks. You can specify multiple ports or ports ranges by specifying one port or port range per line. All ports must be in the range of 1024 to 65535. If any port is outside this range or if any string is invalid, RPC will treat the entire configuration as invalid.<br /></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><br /></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><br /></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Microsoft recommends that you open up ports from 5000 and up, and that you open a minimum of 15 to 20 ports.</li></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Microsoft recommends that you open up ports from 5000 and up, and that you open a minimum of 15 to 20 ports.</li></div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l143">Line 143:</td>
<td colspan="2" class="diff-lineno">Line 143:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>== REFERENCES ==</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>== REFERENCES ==</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>For more information concerning using DCOM and RPC with firewalls, consult the white paper by Michael Nelson, <del style="font-weight: bold; text-decoration: none;">&quot;</del>Using Distributed COM with Firewalls,<del style="font-weight: bold; text-decoration: none;">&quot; </del>which is available at the following Microsoft Web site:</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>For more information concerning using DCOM and RPC with firewalls, consult the white paper by Michael Nelson, <ins style="font-weight: bold; text-decoration: none;">"</ins>Using Distributed COM with Firewalls,<ins style="font-weight: bold; text-decoration: none;">" </ins>which is available at the following Microsoft Web site:</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><div class="indent"></div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div><div class="indent"></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
</table>
X010
https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/250367&diff=137641&oldid=prev
3155ffGd: importing KB archive
2020-07-18T16:15:00Z
<p>importing KB archive</p>
<p><b>New page</b></p><div><div id="nsbanner"><br />
<br />
<div id="bannerrow1"><br />
<br />
{|<br />
| Knowledge Base<br />
|<br />
|}<br />
<br />
<br />
</div><br />
<div id="TitleRow"><br />
<br />
= <span id="KB250367"></span>Configuring Microsoft Distributed Transaction Coordinator (DTC) to work through a firewall =<br />
<br />
<br />
</div><br />
<br />
</div><br />
<div id="nstext" valign="BOTTOM"><br />
<br />
Article ID: 250367<br />
<br />
Article Last Modified on 12/3/2007<br />
<br />
<br />
-----<br />
<br />
APPLIES TO<br /><br />
<br /><br />
<br />
* Microsoft Transaction Services 2.0<br />
<br />
<br />
-----<br />
<br />
<div class="notice_section"><br />
<br />
This article was previously published under Q250367<br />
<br />
</div><br />
<div class="notice_section"><br />
<br />
'''Important''' This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:<br />
<div class="indent"><br />
<br />
[[../322756|322756]] How to back up and restore the registry in Windows XP and Windows Vista<br />
<br />
<br />
</div><br />
<br />
</div><br />
<div class="summary_section"><br />
<br />
== SUMMARY ==<br />
<br />
This article describes how to configure Microsoft Distributed Transaction Coordinator (DTC) to work through firewalls.<br />
<br />
</div><br />
<div class="moreinformation_section"><br />
<br />
== MORE INFORMATION ==<br />
<br />
You can configure DTC to communicate through firewalls, including network address translation firewalls.<br /><br />
<br /><br />
DTC uses Remote Procedure Call (RPC) dynamic port allocation. By default, RPC dynamic port allocation randomly selects port numbers above 1024. By modifying the registry, you can control which ports RPC dynamically allocates for incoming communication. You can then configure your firewall to confine incoming external communication to only those ports and port 135 (the RPC Endpoint Mapper port).<br /><br />
<br /><br />
You must provide one incoming dynamic port for DTC. You may need to provide additional incoming dynamic ports for other subsystems that rely on RPC.<br /><br />
<br /><br />
The registry keys and values described in this article do not appear in the registry by default; you must add them by using Registry Editor.<br /><br />
<br /><br />
'''Warning''' Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.<br /><br />
Follow these steps to control RPC dynamic port allocation. You will have to do this on both computers. Note also that the firewall mustbe open in both directions for the specified ports:<br />
<ol><br />
<li>To start Registry Editor, click '''Start''', click '''Run''', type <span class="kbd userinput"> regedt32</span>, and then click '''OK'''.<br /><br />
<br /><br />
You must use Regedt32.exe, rather than Regedit.exe, because Regedit.exe does not support the REG_MULTI_SZ data type that is required for the Ports value.</li><br />
<li>In Registry Editor, click HKEY_LOCAL_MACHINE in the Local Machine window.</li><br />
<li>Expand the tree by double-clicking the folders named in the following path:<br />
<div class="indent"><br />
<br />
<p>HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc</p><br />
<br />
</div></li><br />
<li>Click the RPC folder, and then click '''Add Key''' on the '''Edit''' menu.</li><br />
<li>In the '''Add Key''' dialog box, in the '''Key Name''' box, type <span class="kbd userinput"> Internet</span>, and then click '''OK'''.</li><br />
<li>Click the Internet folder, and then click '''Add Value''' on the '''Edit''' menu.</li><br />
<li>In the '''Add Value''' dialog box, in the '''Value Name''' box, type <span class="kbd userinput"> Ports</span>.</li><br />
<li>In the '''Data Type''' box, select '''REG_MULTI_SZ''', and then click '''OK'''.</li><br />
<li>In the '''Multi-String Editor''' dialog box, in the '''Data''' box, specify the port or ports you want RPC to use for dynamic port allocation, and then click '''OK'''.<br /><br />
<br /><br />
Each string value you type specifies either a single port or an inclusive range of ports. For example, to open port 5000, specify &quot;5000&quot; without the quotation marks. To open ports 5000 to 5020 inclusive, specify &quot;5000-5020&quot; without the quotation marks. You can specify multiple ports or ports ranges by specifying one port or port range per line. All ports must be in the range of 1024 to 65535. If any port is outside this range or if any string is invalid, RPC will treat the entire configuration as invalid.<br /><br />
<br /><br />
Microsoft recommends that you open up ports from 5000 and up, and that you open a minimum of 15 to 20 ports.</li><br />
<li>Follow steps 6 through 9 to add another key for Internet, by using the following values:<br />
<div class="indent"><br />
<br />
<p>Value: PortsInternetAvailable<br /><br />
Data Type: REG_SZ<br /><br />
Data: Y</p><br />
<br />
</div><br />
This signifies that the ports listed under the Ports value are to be made Internet-available.</li><br />
<li>Follow steps 6 through 9 to add another key for Internet, by using the following values:<br />
<div class="indent"><br />
<br />
<p>Value: UseInternetPorts<br /><br />
Data Type: REG_SZ<br /><br />
Data: Y</p><br />
<br />
</div><br />
This signifies that RPC should dynamically assign ports from the list of Internet ports.</li><br />
<li>Configure your firewall to allow incoming access to the specified dynamic ports and to port 135 (the RPC Endpoint Mapper port).</li><br />
<li>Restart the computer. When RPC restarts, it will assign incoming ports dynamically, based on the registry values that you have specified. For example, to open ports 5000 through 5020 inclusive, create the following named values:<br />
<div class="indent"><br />
<br />
<p>Ports : REG_MULTI-SZ : 5000-5020<br /><br />
PortsInternetAvailable : REG_SZ : Y<br /><br />
UseInternetPorts : REG_SZ : Y</p><br />
<br />
</div></li></ol><br />
<br />
DTC also requires that you are able to resolve computer names by way of NetBIOS or DNS. You can test whether or not NetBIOS can resolve the names by using ping and the server name. The client computer must be able to resolve the name of the server, and the server must be be able to resolve the name of the client. If NetBIOS cannot resolve the names, you can add entries to the LMHOSTS files on the computers.<br /><br />
<br /><br />
For more information, click the following article number to view the article in the Microsoft Knowledge Base:<br />
<div class="indent"><br />
<br />
[[../217351|217351]] DCOM port range configuration problems<br />
<br />
<br />
</div><br />
For more information about LMHOSTS files, click the following article number to view the article in the Microsoft Knowledge Base:<br />
<div class="indent"><br />
<br />
[[../102725|102725]] LMHOSTS file information and predefined keywords<br />
<br />
<br />
</div><br />
<br />
</div><br />
<div class="references_section"><br />
<br />
== REFERENCES ==<br />
<br />
For more information concerning using DCOM and RPC with firewalls, consult the white paper by Michael Nelson, &quot;Using Distributed COM with Firewalls,&quot; which is available at the following Microsoft Web site:<br />
<div class="indent"><br />
<br />
[http://www.microsoft.com/com/wpaper/dcomfw.asp http://msdn2.microsoft.com/en-us/library/ms809327.aspx]<br />
<br />
<br />
</div><br />
<br />
</div><br />
<br /><br />
<br />
Additional query words: kbDTC kbMTS kbSQL kbDCOM msdtc ms<br />
<br />
Keywords: kbdcom kbdtc kbinfo KB250367<br />
<br />
<div class="footer"><br />
<br />
<br /><br />
<br />
<br />
-----<br />
<br />
[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]<br />
<br />
<span>© Microsoft Corporation. All rights reserved.</span><br />
<br />
<br />
</div><br />
<br />
</div></div>
3155ffGd