Setup MSDTC Network Access
| Previous Setup MSDTC CID | Manual Configuration | Setup MSDTC Cluster Next |
|---|
FineBuild can configure MSDTC network access.
If it is required for SQL Server to perform two-phase commit operations with processes that run on a different logical server, then MSDTC network access must be enabled.
For many installations it is not necessary to enable MSDTC network access. However, if MSDTC is being clustered then MSDTC network access must be enabled.
The MSDTC Network Access configuration relates to Process Id 2ACC and is controlled by the parameters below:
| SQL Version | Parameter | FULL Build | WORKSTATION Build | CLIENT Build |
|---|---|---|---|---|
| SQL2019 | /SetupDTCNetAccess: | Yes | Yes | N/A |
| SQL2017 | /SetupDTCNetAccess: | Yes | Yes | N/A |
| SQL2016 | /SetupDTCNetAccess: | Yes | Yes | N/A |
| SQL2014 | /SetupDTCNetAccess: | Yes | Yes | N/A |
| SQL2012 | /SetupDTCNetAccess: | Yes | Yes | N/A |
| SQL2008R2 | /SetupDTCNetAccess: | Yes | Yes | N/A |
| SQL2008 | /SetupDTCNetAccess: | Yes | Yes | N/A |
| SQL2005 | /SetupDTCNetAccess: | Yes | Yes | N/A |
The MSDTC Network Access processing will always be performed if the /SetupDTCCluster: parameter is set to YES. For Windows 2008 and above this is performed for both the non-clustered and clustered instances of MSDTC. For Windows 2003, this is only performed for the clustered instance of MSDTC.
FineBuild also uses the following parameters to help configure MSDTC Cluster:
| Parameter | Default | Description |
|---|---|---|
| /TCPPortDTC: | 13300 | Base port number for MSDTC |
The SQL FineBuild processing for Setup MSDTC Network Access consists of the following items:
The following steps show what you would have to do for manual MSDTC Network Access configuration. FineBuild does all of this work for you automatically.
-
Start Component Services manager
Click Start, then Run, and type comexp.msc. Navigate to My Computer then right-click and select Properties
-
On the MSDTC tab, click on Security Configuration
-
Set the following options
When complete, click OK to continue
For details of why this is done see KB817064
Item Value Network DTC Access Checked Allow Inbound Checked Allow Outbound Checked Mutual Authentication Required Select only if you are not installing a MSDTC cluster Incoming Caller Authentication Required Select only if you are installing a MSDTC cluster 
-
Click Yes to continue
-
Click OK to continue
Next, click OK to close the My Computer Properties window
MSDTC must be assigned a TCP Port for Network Access, and that port must be given a Firewall exemption.
The following substitutions should be made where the strings appear in the commands below:
| Item | Value |
|---|---|
| PortId | Value of /TCPPortDTC: |
| HighPort | PortId value + 200 |
-
Run the following command to show all the ports currently in use on the server:
NETSTAT -an -
If the port given in the /TCPPortDTC: parameter is not in use, then that port can be used for MSDTC. If it is in use then keep adding 1 (one) to the base port number until you identify a port number that is not in use.
-
If you are using Windows 2008 R2 or above then run the following command to set up the Firewall port exemption:
NETSH ADVFIREWALL FIREWALL ADD RULE NAME="Distributed Transaction Coordinator Local (Port)" LOCALPORT=PortId PROTOCOL=TCP ACTION=ALLOW PROFILE=DOMAIN DIR=IN -
If you are using Windows 2008 R2 or above set the following registry key:
HKLM\SOFTWARE\Microsoft\MSDTC\ServerTcpPort=PortId -
If you are using Windows 2008 or below set the following registry keys:
HKLM\SOFTWARE\Microsoft\Rpc\Internet\Ports="PortId-HighPort" HKLM\SOFTWARE\Microsoft\Rpc\Internet\PortsInternetAvailable="Y" HKLM\SOFTWARE\Microsoft\Rpc\Internet\UseInternetPorts="Y"
Copyright FineBuild Team © 2012 - 2021. License and Acknowledgements
| Previous Setup MSDTC CID | Top | Setup MSDTC Cluster Next |
|---|