문제
The issue is that we have a website on a standalone webserver (Windows 2003 SP2 - Machine name is TESTAPP which can be sen in the log below) which uses TransactionScope.
The SQL Server 2008 R2 machine (Windows Server 2008) is within a domain.
When the standalone machine hit's the TransactionScope it fails (error details will ensue).
When I run the code from a machine in the same domain as the DB server it works fine.
On the standalone machine I get the ubiquitous error of:
https://stackoverflow.com/questions/16236839
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianError HRESULT E_FAIL has been returned from a call to a COM component.
However MSDTC is setup correctly, it uses Network Service by the way. DTCPing.exe works fine both ways.
Upon digging into the DB machine i found the following Audit Failure:
An account failed to log on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: TESTAPP$
Account Domain: WORKGROUP
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc0000064
Network Information:
Workstation Name: TESTAPP
Source Network Address: 192.168.**.**
Source Port: 1202
The standalone machine is trying to logon to SQL Server machine using it's own machine name, god knows what it is using as a password.
Therefore is it possible to get MSDTC to work from a standalone machine to a domain machine?
P.S. If possible (if there is another way) I don't want to affect 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDTC\TurnOffRpcSecurity' registry key.
P.P.S. If possible I'd like to keep Mutual Authentication Required on MSDTC, (I'm aware that a possible solution is to set MSDTC to require No Authentication, but am not sure if this is totally necessary)
The wierd thing about it is using a test standalone web server to domain DB server MSDTC is working fine whether set to No Authentication or Mutual Authentication! :S
P.P.S. Firewalls are off on both machines.
해결책
Gah, if only I'd tried setting up a test using a duplication of the live system earlier etc etc...
As soon as I turned off Mutual Authentication and set it to No Authentication it worked like a charm.
P.S. No Auth isn't much of a security hole in an environment that doesn't open up the MSDTC machines/ports to the outside world. See potential risks of using unsecure rpc no authentication required setting in msdtc security configuration
다른 팁
You can use just one connection object across Data Access Methods. That way MSDTC is never triggered. I had similar experience but did not have access to adjust the SQL server. Using a singleton pattern, I created the Data Connection and use same connection object within a transaction across several method calls.
