Disabling Native Distributed Transactions
In Microsoft Windows XP, Windows Server 2003, and subsequent versions, an administrator can disable native distributed transactions on domain controllers. (The term native refers to the use of the proprietary RPC protocol.) The disabling of native distributed transactions helps protect the DTC from attacks over the network. Turning off native distributed transactions is performed during setup.
When native transactions are disabled, local transactions—for example, those performed by users such as Message Queuing and COM+—are still allowed. However, any attempt to import a transaction or export a transaction to another node fails.
|Before disabling distributed transactions, check to ensure that no transactions are currently in progress. Disabling distributed transactions prevents the DTC from communicating the status of in-doubt transactions.|
When you want to enable distributed transactions, you essentially have two options available, as follows:
If every node within the domain is a trusted, you can enable distributed transactions.
If there are nodes within the domain that are not trusted, you can set up a firewall around the trusted nodes and enable distributed transactions for those nodes only.
When native transactions are disabled, a different protocol, Transaction Internet Protocol (TIP), is still available for distributed transactions. When native transactions are disabled on two nodes and TIP is enabled, distributed transactions can still be performed between the two nodes.