Network access for MSDTC has been disabled

While dealing with user accounts in Microsoft’s new technology Lightswitch, I stumbled upon a problem that threw the following error message:

Network access for Distributed Transaction Manager (MSDTC) has been disabled. Please enable DTC for network access in the security configuration for MSDTC using the Component Services Administrative tool.

Okay, my problem was that users in a Lightswitch application are created in a transaction. That transaction is fired in my case by the network service, the account my LightSwitch server application is running under. But MSDTC is deactivated for the network by default, because of security reasons.

The dialog to change security settings for MSTDC changed tremendously between Windows 2003 and Windows 2008. I found many examples for Windows 2003 on the web though, but just a few for Wind0ws 2008 and most of them were rather confusing.

Here’s a short walk through for those who have a similar problem.

1) Open the DCOM configuration snap-in by typing dcomcnfg in run-as .
2) Expand the Component Services branch. Open Component Services/Computers/My Computer/Distributed Transaction Coordinator/Local DTC


3) Right click on Local DTC and choose properties
4) Open the security tab


5) Check at least Network DTC Access, Allow Remote Clients and Allow Inbound. Because I was routing my transactions to another computer I had to activate Allow Outbound communication as well.


Auto Admin Logon on servers that are domain members

If you want to enable AutoAdminLogon on a Windows 2008 server it’s quite easy, just type “control userpasswords2” in the run as textbox and hit enter. Then a dialog appears that shows a checkbox, which is usually checked, saying that users must enter username and password. If you uncheck this checkbox you will be asked for the password of the current user. Windows stores the password and enables auto logon in the registry. Voila.

This does not work on domain member machines unfortunately. On a server that is part of a domain the checkbox is disabled. To enable the checkbox you have to do this:

In the run as textbox type the following command:

reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v AutoAdminLogon /t REG_SZ /d “1” /f

This adds a key to the registry and re-enables the checkbox.

You may have to add the name of the domain as well, because by default Windows would use the local user account. In this case run the following command:

reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v DefaultDomainName /t REG_SZ /d “domain” /f

Replace domain by your actual domain name.

I love this error message

Well, I considered regular expressions always useful in many cases. But in error messages?


Tell me, is this helpful?