Configuring MS DTC Services

Applies To: Windows Server 2008

Typically, the Distributed Transaction Coordinator service (MS DTC) is installed on each computer that runs either Microsoft Windows 2000, Windows XP, Windows Server® 2003, Windows Vista® or the Windows Server® 2008 operating system. Therefore, each Windows computer has its own instance of the Microsoft Distributed Transaction Coordinator (MS DTC).

In some cases, transactions can be more efficient when two or more systems are configured to share a single MS DTC transaction manager. For example, on a failover cluster (formerly known as a server cluster), a single instance of the MS DTC services the entire cluster. If a transaction touches multiple nodes, the transaction manager performs only a single log write. If each system has its own transaction manager, each system writes its own log records.

If an application performs transactions that span two or more computers, you must ensure that these computers are configured to communicate with each other. The MS DTC can propagate transactions from one system to another only if the MS DTC process on the first, or primary, system can communicate with the MS DTC process on the secondary system. However, a network configuration problem on either system can prevent the DTC processes from successfully communicating with each other. This causes a "Failed to enlist" error on applications.

All DTC process-to-process communication takes place through local remote procedure call (LRPC), remote procedure call (RPC), or the Transaction Internet Protocol (TIP).


Nonadministrative users must have the appropriate access rights to view and modify MS DTC configuration settings. Otherwise, any attempt to view or modify MS DTC configuration settings causes a "Permission denied" message to appear. If the user has Read access only, the MS DTC administrative user interface (UI) appears, but all administrative functions are unavailable.

System services that the MS DTC uses

The MS DTC uses the following system services:

  • NtLmSsp

    The MS DTC uses the NTLM Security Support Provider (NtLmSsp) service to encrypt the X/Open XA database open string that it stores in the MS DTC log file. The MS DTC uses this string when it opens an XA database to perform recovery. The open string is encrypted to help protect any user IDs and passwords that are in the open string.


The XA standard is a specification for distributed transaction processing (DTP) that is owned by The Open Group, an industry consortium that sets vendor-neutral and technology-neutral standards for computing infrastructure. For more information, see The Open Group (

  • RpcSs

    The MS DTC uses the Remote Procedure Call (RPC) (RpcSs) service to communicate between MS DTC components.

  • KtmRm

    The Kernel Transaction Manager (KTM) for the MS DTC uses this service to communicate between MS DTC components.

The MS DTC configuration options are described in more detail in the following topics: