Unable to enlist in a distributed transaction

  • Article

You run distributed transactions between two machines and they fail with the error "Unable to enlist in a distributed transaction".

 

Troubleshooting Steps for Windows 2003 SP1 and SP2.

 

1. First of all check if name resolution is working fine between the two servers. MSDTC uses NETBIOS name hence check for NETBIOS name resolution. You may use the command: ping <servername>

2. See if port 135 is open between the two machines. Run the command :

       telnet <server name> 135

       This might be blocked in case there is a firewall between the two servers. 

3. If name resolution is fine and port 135 is open, proceed with the following steps.

4. Go to Start à Run à (type in) Dcomcnfg. You should be inside Component Services MMC.

5. Expand Component Services à Computers à My Computer (right click) à Properties à MSDTC tab à Security Configuration button.

6. Enable the following options :

Network DTC Access

Allow Inbound

Allow Outbound

No Authentication Required (if the servers are in different domains with no mutual trust, or if the other server is Windows 2000)

Enable XA transactions (if you are using XA transactions)

 

For more information on these settings you may refer to the KB article : https://support.microsoft.com/default.aspx/kb/899191

7. After selecting the checkboxes as given above, it will prompt you to restart MSDTC. Say “Yes” to it.

8. If both the machines are Windows 2003 SP1 or SP2. We should have these settings on both the machines.

9. If the other machine is Windows 2000 SP4 we don’ t need to do anything there as we don't have these security features there.

10. If the problem persists, check if there is any firewall between the two machines.

11. If yes, then we need to open a TCP port range on the firewall bi-directionally. Also the same port range has to be configured on both the machines. Apart from that port no. 135 should be opened on the firewall too.

12. To specify the port range on the machine you may go to :

Start à Run à (type in) Dcomcnfg. You should be inside Component Services MMC.

Expand Component Services à Computers à My Computer (right click) à Properties àDefault Protocols.

Select the “Connection-oriented TCP/IP” à Click “Properties” button. Specify the port range that you have opened on the firewall

here. This should be done on both the machines.

(To specify the port range through Registry editor refer to https://support.microsoft.com/default.aspx/kb/250367)

13. Restart the machine for the port range changes to take effect.