Configuring Security for Distributed Transactions

Applies To: Windows Server 2008

Using distributed transactions can make the computers that are running transactions vulnerable to potential security attacks. To help minimize any risk to your networked environment, the Microsoft Distributed Transaction Coordinator (MS DTC) offers some security administration settings that you can either enable or disable, depending on the level of security that you need.

We also highly recommend that you enable Windows Firewall on the computers involved and configure it to enable MS DTC traffic. For more information, see Enable Firewall Exceptions for MS DTC.

To provide the highest level of security, network access for MS DTCs is disabled. If a computer must participate in network transactions, we recommend that you enable only the components necessary to allow the type of transactions that the MS DTC needs to handle. For more information, see Enable Network Access Securely for MS DTC.

This section includes the following tasks for implementing and managing security for distributed transactions:

• Managing Accounts and Privileges

• Enable Network Access Securely for MS DTC

• Managing the MSDTC Service Remotely

• Configure Transaction Services for Network Clients

• Disabling Native Distributed Transactions

• Turn Off Authentication Required on Windows Server 2008