Error message when you try to start a transaction in MS DTC: "New transaction cannot enlist in the specified transaction coordinator"

Article translations Article translations
Article ID: 922430 - View products that this article applies to.
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows registry
Expand all | Collapse all

SYMPTOMS

Consider the following scenario. You have a client computer that communicates with a server computer. Microsoft Distributed Transaction Coordinator (MS DTC) is installed on both computers. One or more of the following conditions are true:
  • You restart either of the computers.
  • You restart MS DTC on either of the computers.
  • The computers are in different domains.
In this scenario, you receive the following error message when you try to start a transaction in MS DTC:
New transaction cannot enlist in the specified transaction coordinator (0x8004d00a)
Additionally, the first transaction fails. The subsequent transactions succeed for a while. However, the subsequent transactions may fail again. If the subsequent transactions fail, you receive the following error message:
New transaction cannot enlist in the specified transaction coordinator (0x8004d00e)
Note This problem is more likely to occur when you use Microsoft Windows Server 2003 Service Pack 1 (SP1) together with Kerberos authentication.

CAUSE

This problem may occur when the MS DTC connection between the client computer and the server computer is closed. For example, an idle time-out, a remote procedure call (RPC) time-out, or the firewall may close the MS DTC connection between the client computer and the server computer. When a new transaction request occurs, the client computer must reestablish the MS DTC connection with the server computer.

When the client computer tries to reestablish the MS DTC connection with the server computer, the client computer sends a packet. Then, the client computer waits for a bind packet response from the server computer. By default, the client computer stops the transaction if the client computer does not receive a response from the server computer in 4 seconds. The response from the server computer may be delayed because of network latency issues or authentication delays. When the response from the server computer does finally reach the client computer, the subsequent transactions succeed.

Additionally, the first transaction may take a long time, and then a later request to do a distributed transaction may finish immediately. This problem may occur when the client-side of MS DTC has a problem communicating with the Kerberos (KDC) server. Typically, this problem occurs if the client and the server are in different domains that have a firewall between them.

For example, this problem occurs in the following scenario:
  • WebService is in the Perimeter Network in a domain. WebService has to use transactions with a database server in another domain in an intranet.
  • A firewall is between the Perimeter Network and the intranet. The excessive delay on the first transaction occurs because UDP port 88 (Kerberos) is blocked.
  • The retry and the retry interval for the Kerberos request equal an excessive delay (over 100 seconds).

RESOLUTION

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To make sure that you are experiencing the problem that is described in this article, confirm that the MS DTC transaction trace log file contains the following data:
;eventid=TRANSACTION_PROPOGATION_FAILED_CONNECTION_DOWN_FROM_REMOTE_TM ;tx_guid=f11cd9c9-7b8a-41e3-a904-4840123bacf7 ;"failed to propogate transaction to child node 'ComputerName' because the connection with the remote transaction manager went down"
Notes
  • In this data, the word "propogation" is a misspelling for the word "propagation." The word "propogate" is a misspelling for the word "propagate."
  • For more information about how to enable and view MS DTC transaction trace data, see the "More Information" section.
If the MS DTC transaction trace log file contains this data, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate the following registry subkey:
    HKEY_LOCAL_MACHINE\Software\Microsoft\MSDTC
  3. Right-click MSDTC, point to New, and then click DWORD Value.
  4. Type CmMaxNumberBindRetries, and then press ENTER.
  5. Right-click CmMaxNumberBindRetries, and then click Modify.
  6. Click Decimal.
  7. In the Value data box, type 60.

    This value increases the length of time that the client computer waits for the bind packet response from the server computer. This value is double the number of seconds before the client computer stops the transaction if the client computer does not receive the bind packet response. For example, a value of 60 equals 30 seconds.

    Note The value of 60 is only a recommended value. Additional testing on your configuration may be required.
  8. Click OK.
  9. Restart MS DTC.
Note For the slow response scenario, make sure that the ports that are required by Kerberos authentication (UDP 88 and TCP 88) are open when a firewall is involved in the Perimeter Network. The ports UDP 389 and TCP 389 (both for LDAP to find KDC) must also be open.

MORE INFORMATION

The error messages that are mentioned in the "Symptoms" section may have other causes. If the steps that are provided in the "Resolution" section do not resolve the problem, you may be experiencing the problem that is described in Microsoft Knowledge Base article 913957. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
913957 FIX: A 0x6be exception may occur when you quickly make multiple remote procedure calls to a server that is running Windows Server 2003
If you still cannot resolve the problem, you can enable MS DTC connection manager tracing to better troubleshoot the problem. For more information about how to enable MS DTC connection manager tracing on a computer that is running Microsoft Windows 2000, click the following article number to view the article in the Microsoft Knowledge Base:
898918 Information about transaction tracing and CM error tracing in MSDTC on a Windows 2000-based computer
For more information about how to enable MS DTC connection manager tracing on a computer that is running Windows XP or Windows Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:
899115 How to enable diagnostic tracing for MSDTC on a computer that is running Windows XP or Windows Server 2003

Properties

Article ID: 922430 - Last Review: March 22, 2011 - Revision: 4.0
APPLIES TO
  • Microsoft COM+ 1.5
Keywords: 
kbdtc kbtshoot kbprb KB922430

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com