Setup DTC from your desktop to your development server through a firewall.
Here is my use case:
We have integration tests that call code that already have transactions in them. We wrap the whole integration test in a “Scope Transaction” so that we can then roll back the inner transaction as they do not actual commit unless the scope transaction commits. I’ve blogged about that here. But for now, know that if you use a Scope Transaction you need to use Distributed Transaction Coordinator (DTC) even though the transactions are not “Distributed”.
For my use case to work – we have to be able to write and test the integration tests from our desktops in a corporate environment. Following these steps were we able to get distributed transactions to work from our desktops to the SQL Server 2014 servers.
Step 1 (Turn on DTC service):
Make sure Distributed Transaction Coordinator (DTC) is running on both the database server and the local desktop.
Step 2 (Configure DTC):
Navigate to Component Services, you should be able to just type in Component Services in Run on Windows. Right click on LOCAL DTC in Component Services and setup the Security tab as shown:
Step 3 (Limit Port Ranges):
By default DTC uses any set of port numbers above 1024. We have to limit that range to something the security team will allow to be open. I have not found any information from Microsoft giving a formula as to how many port numbers should be open – but I’ve seen them recommend anything from 20 to 1000 port numbers.
I ended up using 5501-5700 and the 5500 port for RPC.
In order to limit the port range go to Component Services, right click on My Computer and pick “Properties”:
Then select Default Protocols and Properties while “Connection-oriented TCP/IP” is selected:
Click Add and create a range from 5501 to 5700 (or the range you decide on):
Step 4 (Configure MSDTC Port):
This port needs to be set in the registry:
1) Start Regedt32.exe
2) Locate HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDTC
3) Right click the MSDTC key, select New and DWord (32-bit) Value
4) Type ServerTcpPort for the key name
5) Right click ServerTcpPort key and select Modify
6) Change radio button to Decimal and type 5000 in the value data, click OK. This is how the registry key should look:
Note: That you will need to do steps 1-4 on each developer’s desktop AND the server. You will also need to restart your desktop machine and the server.
Step 5 (Configure Firewall):
You will need to contact your security team to configure the firewall. For our example you will need to open Port 5500-5700. You will also need port 135 open for RPC.
Note that they will need to open the ports bidirectionally. This is because once you call the server, the server will store off the name of the caller, close the connection and call back when it’s ready – potentially on a different port even.
You can test the connection from your desktop to the server with DTCPing. I’ll write more about how to use the tool in a future blog post.