Re: MSDTC error when mocing FSMO ROLES
- From: "Ace Fekay [MVP]" <PleaseSubstituteMyActualFirstName&LastNameHere@xxxxxxxxxxx>
- Date: Mon, 23 Jan 2006 22:41:21 -0500
In news:F8065B7B-6F5A-489A-837E-568B04833F7D@xxxxxxxxxxxxx,
John Keating <JohnKeating@xxxxxxxxxxxxxxxxxxxxxxxxx> stated, which I
commented on below:
> After changing the FSMO roles to another DC all my 2003 SP1 DCs
> recorded the following error:
>
> Error ID 53258
>
> MS DTC could not correctly process a DC Promotion/Demotion event. MS
> DTC will continue to function and will use the existing security
> settings. Error Specifics:
> d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 1624
> No Callstack,
> CmdLine: C:\WINNT\System32\msdtc.exe
>
> I fixed this by adding the "create subkey" and "set value" permission
> under HKLM\SW\MS\MSDTC to the network service account (the account
> that is used by DTC). Has anone else had this issue? Is this the
> proper fix? Does this open any additional attack vectors on the DCs?
>
> Any input would be greatly appreciated.
>
> Many thanks,
> John Keating
Were the default system drive permissions previously altered and you
installed a recent hotfix (about a month ago)? There was an issue with this
if the perms were altered. See if this helps (from a previous post):
____________________
Systems that have changed the default Access Control List permissions on the
%windir%\registration directory may experience various problems after you
install the Microsoft Security Bulletin MS05-051 for COM+ and MS DTC:
http://support.microsoft.com/kb/909444
For specific info, see:
http://blogs.technet.com/steriley/archive/2005/11/08/414002.aspx
______________________
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
If you are having difficulty in reading or finding responses to your post,
instead of the website you are using, if I may suggest to use OEx (Outlook
Express or any other newsreader of your choosing), and configure a newsgroup
account, pointing to news.microsoft.com. This is a direct link into the
Microsoft Public Newsgroups, and it is FREE and DOES NOT require a Usenet
account with your ISP. With OEx, you can easily find your post, track
threads, cross-post, and sort by date, poster's name, watched threads or
subject.
Not sure how? It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Assimilation Imminent. Resistance is Futile.
Infinite Diversities in Infinite Combinations.
=================================
.
- Follow-Ups:
- Re: MSDTC error when mocing FSMO ROLES
- From: John Keating
- Re: MSDTC error when mocing FSMO ROLES
- Prev by Date: Re: Mapped drives in clients lost when server down
- Next by Date: Re: active directory replication
- Previous by thread: Re: Time Server [WildPacket]
- Next by thread: Re: MSDTC error when mocing FSMO ROLES
- Index(es):
Relevant Pages
|
