Turn Off Authentication Required on Windows Server 2008

Applies To: Windows Server 2008

When Microsoft Distributed Transaction Coordinator (MS DTC) computers are not running in a Windows domain, distributed transactions fail by default because the remote procedure call (RPC) security that MS DTC uses cannot be used in this environment. The same condition applies to MS DTC computers that are in untrusted domains. In Windows Server 2003 and Windows Server 2008, RPC security is not turned off. Therefore, distributed transactions fail in a workgroup environment or in untrusted domains.

To resolve this condition, consider putting the computers in a domain. If that is not possible, complete the following procedure.

Membership in Administrators, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).

To turn off authentication that is required for distributed transactions

  1. Open the Component Services snap-in.

    To open Component Services, click Start. In the search box, type dcomcnfg, and then press ENTER.

  2. In the Distributed Transaction Coordinator folder under My Computer, right-click Local DTC, and then click Properties.

  3. Click the Security tab.

  4. Select the Network DTC Access check box, and then select No Authentication Required.

  5. Click OK, and then click Yes when you are prompted to restart MS DTC.

  6. Click OK again to close the dialog box.


Make sure that the computer is in an isolated environment, such as a network protected by a firewall, before you turn off security on remote procedure calls.