July 28, 2005 at 1:28 pm
We have an internal browser-based application that use COM+ components and DTC to management distributed transactions across 2 databases. Both the web server and database server are Windows 2000 and everything resides in the same domain. There are no firewall restrictions between the servers.
Our application had been running without problem for months. COM+/DTC was doing its job. Life was good. Then our network techs ran Microsoft's "Rollup 1 for Windows 2000 SP4" on both our web server and database server based on a recommendation from a security auditing tool.
Now our COM+ components are failing whenever a user attempts to save data. They are receiving the following error:
"New transaction cannot enlist in the specified transaction coordinator."
I'm assuming the rollup closed some security hole related to DTC and this is causing our application to fail. Does anyone know of any issues related to "Rollup 1" and DTC on W2K machines. Could this be a permissions issue? Is there an explicit permission that either the COM+ app or the DTC service needs to have set after the "rollup"?
Any help would be greatly appreciated. Thanks.
-Dave G.
July 28, 2005 at 2:06 pm
I would check and see if they have tightened the hatches on mdtc as on xp and wk2003, search for xp sp2 mdtc on google thats where I found articles to fix the issues I had in xp and wk2003
July 28, 2005 at 8:18 pm
This is an error I'm used to seeing on Windows Server 2003, but not 2000. It may be worth the money to open a case with Microsoft on it. If the only change has been to apply the rollup, you're probably not the only folks having this problem (meaning if it turns out to be a bug they won't charge you). There have been other issues, mostly with 3rd party products, with rollup 1, so it wouldn't surprise me if there is an issue.
K. Brian Kelley
@kbriankelley
July 29, 2005 at 12:58 pm
Thanks for the replies. Turns out I got some misinformation from our network techs. Turns out the SQL Server installation is now on a Windows 2003 server not a Windows 2000 Server. Only the web server is Windows 2000.
Once I found this out, I was able to use MS article #839279 to resolve the problem. Basically, on the 2003 server the security configuration needed to be changed so that authentication was not required for transactions. By default, the security requirement was for mutual authentication. I need to do some more digging but once this setting was changed our app started working again.
Anyone see anything to worry about with this MS workaround? These are internal servers so our risk exposure is low.
Thanks again. - Dave G.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply