Turning Off Remote Procedure Call Security on Windows 2003 Server

Turning Off Remote Procedure Call Security on Windows 2003 Server


When Distribution Transaction Coordinator (DTC) machines are not running in a Windows domain, distributed transactions fail by default because the Remote Procedure Call (RPC) security used by DTC cannot be used in this environment. The same applies to DTC machines that are in untrusted domains. On Windows Server 2003, RPC security is not turned off and therefore distributed transactions fail in a workgroup environment or in untrusted domains.

To fix this problem, consider putting the machines in a domain, or if that is not possible, for machines running Windows Server 2003 without Service Pack 1 (SP1) add a DWORD registry value named TurnOffRpcSecurity at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDTC and set this value to be 1 to turn off RPC security. An MSDTC service restart is required for the change to take effect.

To fix this problem on machines running Windows Server 2003 SP1:

  1. Open the Component Services tool.

  2. Right click My Computer in the Computers folder under Component Services, and select Properties.

  3. On the MSDTC tab, click Security Configuration.

  4. Check Network DTC Access, and then select No Authentication Required.

  5. Click OK, click Yes when prompted to restart MS DTC, click OK, and click OK again to close the My Computer Properties dialog box.


Make sure the machine is in an isolated environment such as a network protected by a firewall, before you turn off security on remote procedure calls.

Community Additions

© 2016 Microsoft