11.2 MSDTC security configuration

SIU references: SIU-083, SIU-084, SIU-218.

Important: Microsoft is making changes to DCOM security over the course of releases in 2021 to 2023. See article KB5004442 on the Microsoft support site for details. These changes affect your Windows DCOM Server Security configuration, including future updates. You are recommended to follow the instructions in this section carefully, and to use the MyID Installation Assistant to check that your system is configured correctly.

If your system is split across more than one server you must set up your MSDTC security on the web server, application server and the database server to allow access. If you experience an error similar to the following, you may have to check either your MSDTC or Windows Firewall configuration:

Unable to perform the requested operation
Set up your MSDTC settings on the application and database tiers.

Note: When you install MyID using the MyID Installation Assistant, these settings are checked on the Post-Installation Check Results screen; if you need to change these settings, you can use the fix-it script provided on that screen. See section 2.20, Post-installation check results for details.

To set up the MSDTC security:

  1. Within Component Services, expand Component Services and Computers.
  2. Right-click on My Computer, and click Properties.
  3. Click the MSDTC tab.
  4. Make sure that Use local coordinator is selected.
  5. Click OK.
  6. Expand My Computer > Distributed Transaction Coordinator.
  7. Right-click Local DTC and select Properties.

  8. Click the Security tab.

    mSDTC

  9. To ensure that MyID works correctly, set the following options:

    • Network DTC Access.
    • Allow Remote Clients.
    • Allow Inbound.
    • Allow Outbound.

    • Mutual Authentication Required.

      Note: If you are using SQL Server authentication, select No Authentication Required instead.

      You specify whether to use SQL Server authentication or Windows authentication when installing MyID.

  10. Click OK.

Note: You may experience an error similar to the following when using mutual authentication:

Unable to perform the requested operation

For a workaround, see the Microsoft Knowledge Base article KB2172085.