Network DTC Access on a Cluster

Question

Is there any reason why we shouldn't enable Network DTC Access on our SQL 2008 cluster?  One of our vendors, has a web app that requires it.  It's been running from a separate DB server up to now, but we're trying to consolidate all DBs to the cluster and came across this issue.  I just want to be sure we're not opening up a security can of worms here.

Answer 1

Hi S31064,

Regarding to your description, you can enable network DTC Access for SQL Server Cluster. The  clustering SQL Server is that you enable & configure the MSDTC (Microsoft Distributed Transaction Coordinator) service in "network" mode.  What is your OS?

If we talk about the option of cluster configuration with needed resources of DTC and ho to be configured, please refer to below:
• You have to add a DTC resource within cluster configurations
• Then you have to right click SQL Service >>Server Properties>> connection >>then mark require distributed transactions for server to server communications >.
• Then you have to go to DTC configurations of cluster in Win 2008 , 2008 R2 or DTC configurations of local nodes with win 2003 , 2003 R2.
• Then apply the same setting you have carried out above
• Then go to APP server and apply the same setting
• Then assure the following 24 K ports are open bidirectional between DB+ APP server (1024 -65535) TCP +TCP 135 also (From DB to APP and from APP to DB)
• Then download DTC ping from Microsoft and run it on both DB + APP server to validate everything is going properly before going live.
• If fine , restart SQL Service to activate using DTC .

For more information about DTC for SQL Server and how to configure, please refer to these articles as below:
1 How to configure DTC for SQL Server in a Windows 2008 cluster: http://blogs.msdn.com/b/cindygross/archive/2009/02/22/how-to-configure-dtc-for-sql-server-in-a-windows-2008-cluster.aspx
2. What is MSDTC and why do I need to care about it:  http://blogs.msdn.com/b/florinlazar/archive/2004/03/04/what-is-msdtc-and-why-do-i-need-to-care-about-it.aspx
3. Enable Network DTC Access: http://technet.microsoft.com/en-us/library/cc753510%28WS.10%29.aspx
4. How to Configure Multiple Instances of Distributed Transaction Coordinator (DTC) on a Windows Server Failover Cluster 2008: http://blogs.technet.com/b/askcore/archive/2009/02/18/how-to-configure-multiple-instances-of-distributed-transaction-coordinator-dtc-on-a-windows-server-failover-cluster-2008.aspx
5. How To Enable & Configure MS DTC for SQL Clustering on Windows Server 2003 Step-By-Step directions on how To Enable & Configure MS DTC for SQL Clustering on Windows Server 2003: http://projectsmm.com/technet/mssql/msdtc/cluster_msdtc.shtml

---

Regards, Amber zhang