In today’s world, security hardening is causing many headaches to software developers and admins. Especially when you have an application that needs to go beyond the boundaries of the local machine. MSDTC is a distributed app by definition and thus, getting transacted app that uses MSDTC to work in your network is not as easy as one would expect. You either get “New transaction cannot enlist in specified transaction coordinator” or 8004d00a.
There is a tool that can help you troubleshoot MSDTC connectivity issues, and that tool is called DTCPing: http://www.microsoft.com/downloads/details.aspx?FamilyID=5e325025-4dcd-4658-a549-1d549ac17644&DisplayLang=en
It was initially created to troubleshoot firewall issues: http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q306843 This KB article also gives you instructions on how to use DTCPing.
Most common errors that block MSDTC connectivity in a network are:
1. MSDTC Security settings are not configured properly: http://blogs.msdn.com/florinlazar/archive/2004/06/18/159127.aspx
2. MSDTC is not in the exception list in the firewall
3. The two machines involved in the transaction cannot see each other by the NetBIOS name. Try ping-ing the machines by name. If that fails, MSDTC will fail. You can solve this by updating your system32\drivers\etc\hosts file.
4. If the machines were imaged improperly, the CID for MSDTC under HKEY_CLASSES_ROOT\CID may be the same on the two machines, while they need to be unique. The KB 306843 mentioned above gives the instructions to correct this issue.