Changing DTC security settings

You need to change the DTC security settings on your Content Manager server (and if necessary on your Content Manager database server) otherwise the machine will experience problems receiving requests (reporting for example 'Transaction cannot enlist' in the Windows Event Log).

Procedure

  1. Access your Content Manager server machine.
  2. In the Windows Control Panel, access Administrative Tools > Component Services.
  3. Depending on your operating system, do one of the following:
    • On Windows 2008:

      Select Component Services > My Computer > Distributed Transaction Coordinator > Local DTC and choose Properties from the context menu. A window called Local DTC Properties opens. Select the Security tab and proceed to step 3.

    • On Windows 2003:

      Select Component Services > My Computer and choose Properties from the context menu. A window called My Computer Properties opens. In the MSDTC tab, click the Security Configuration button and proceed to step 3.

  4. To fix the DTC security settings:
    • In the Transaction Manager Communication area, select No Authentication Required or, if your communication between Content Manager server and database server requires authentication, ensure that each of the two machines can resolve or find the other machine's NetBios name.
    • If your database is Oracle, in the Security Settings area, select Enable XA Transactions.
    • If your database is SQL Server, ensure that the check boxes Network DTC Access, Allow Inbound and Allow Outbound are selected.
  5. Click OK to close the dialogs and close the Component Services window.
  6. Additionally, ensure that the following ports are open on the Content Manager server:
    • port 135: this port is used by MSDTC for RPCs (Remote Procedure Calls).
    • ports 5000-5500: MSDTC uses a port in this range as a randomly allocated high TCP port.
    Consult with the security administrator in your organization to find out if these ports are open, and if not, how to open them.
  7. If your Content Manager database server runs on a Windows machine, access that machine, navigate to the same DTC security configuration screen described in step 2, and apply the same changes as on the Content Manager server: that is, for Oracle, ensure that Enable XA Transactions is selected, or for SQL Server, ensure that Network DTC Access, Allow Inbound and Allow Outbound are selected.
  8. Alternatively, if your Content Manager database server is Oracle and runs on a non-Windows machine, enable XA transactions for Oracle.
  9. Also, open the same ports as on the Content Manager server: port 135 and ports 5000-5500. Consult with the security administrator in your organization to find out if these ports are open, and if not, how to open them.

What to do next

For more detailed information on this configuration, refer to Microsoft Knowledge Base article 250367, found online at http://support.microsoft.com/kb/250367.