MSDTC encountered an error (HR=0x80000171) while attempting to establish a secure connection with system "ServerName"

.net-4.0 transactions sql-server-2008-r2 windows-server-2008-r2 msdtc
Muzaffar Ali Rana picture Muzaffar Ali Rana · May 5, 2012 · Viewed 24.3k times · Source

I have a website application which is using Microsoft Data Transactions and it is based on .NET Framework 4.0 and SQL Server 2008 R2 Express Edition for the database, being deployed at Windows 2008 Server R2 which is a virtual server. The database and IIS are both at the same server.

The problem is that the error is occurring in the server event logs as:- MSDTC encountered an error (HR=0x80000171) while attempting to establish a secure connection with system ‘ZEPHYR’. Zephyr is my Server’s name.

I have done almost all the things included in the two forum questions already:- http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/eb8835d9-5f5b-4df2-8c68-4a61d5e44d6b/
http://social.msdn.microsoft.com/Forums/en-US/sqlgetstarted/thread/13586ca7-f645-4ed7-96e8-ba03f66ef38b

All things are working fine, but when executing the following command using the SUBINACL tool:- 

C:\Program Files (x86)\Windows Resource Kits\Tools>subinacl /service msdtc /grant="Network Service"=QSETIL
msdtc - OpenService Error : 5 Access is denied.


Elapsed Time: 00 00:00:00
Done:        1, Modified        0, Failed        1, Syntax errors        0
Last Done  : msdtc
Last Failed: msdtc - OpenService Error : 5 Access is denied.
subinacl /service msdtc /grant="Network Service"=QSETIL



But then I used the following ICACLS command to give access to this by using ICACLS command:-

icacls c:\windows\system32\msdtc\msdtc.log /grant admin:(d,wdac)



NOTE: ‘admin’ is my user for the Server. But again it is not resolving the issue. The access rights for the msdtc.log file by the command :-

{“icacls c:\windows\system32\msdtc\msdtc.log”} are as follows:-
C:\>icacls c:\windows\system32\msdtc\msdtc.log
c:\windows\system32\msdtc\msdtc.log NT AUTHORITY\NETWORK SERVICE:(F)
                                    ZEPHYR\Administrator:(D,WDAC)
                                    ZEPHYR\admin:(D,WDAC)
                                    BUILTIN\Administrators:(F)
                                    ZEPHYR\admin:(I)(F)
                                    NT AUTHORITY\SYSTEM:(I)(F)
                                    BUILTIN\Administrators:(I)(F)
                                    NT SERVICE\KtmRm:(I)(F)
                                    NT SERVICE\MSDTC:(I)(F)

Successfully processed 1 files; Failed processing 0 files



As far as I have seen that there are very few forums where question about such an error is posted.

I would like to ask that how would I resolve this issue, since this error has caused a bottleneck and the Transactions are not working in those .aspx pages wherever implemented. Is there any work-around for this issue?

Answer

Related questions

TransactionScope alternative without DTC

are there any alternative to transactionScope which does not need to enable DTC?? In the transaction I need to make two operations: Create one user (using membership - sql membership provider) Do one insert operation.

Read More
How to create a class that works with TransactionScope?

Just wondering, if I want to create a class that does something and I want to be able to be used in a TransactionScope, what would I need to implement? That is: My class needs to be aware that it's …

Read More
What is the best way to implement a "timer"?

What is the best way to implement a timer? A code sample would be great! For this question, "best" is defined as most reliable (least number of misfires) and precise. If I specify an interval of 15 seconds, I want the …

Read More