The other day I’ve been doing installation of K2 4.7 on standalone (i.e. non-joined to domain) Windows Server 2016 machine with SQL Server installed locally on the same box, and bump into MSDT Network Access analysis result failure, receiving error shown below:
That’s quite a standard warning which explicitly says you what kind of check boxes you need to tick in Local DTC Properties (be sure to use comexp.msc or dcomcfg commands to open Component Services snap-in). K2 Setup Manager will explicitly tell you what checkbox is not set as shown on sample screenshot below:
But if you look at the first screenshot – there is no incorrectly configured settings, and I was pretty sure that I know these settings quite well, having couple of old posts on the topic (see #1, #2). So I was a bit baffled by this warning. After consulting related K2 documentation section I realized that it also indicates that it is necessary to configure relevant firewall rules :
Enable and Configure the DTC Components
| Configure firewall to allow MSDTC access with the following command: netsh advfirewall firewall add rule name=”MSDTC” dir=in action=allow program=”%windir%\system32\msdtc.exe” enable=yes Configure firewall to allow SQL Server access with the following command: netsh advfirewall firewall add rule name=”MSSQLSERVER” dir=in action=allow program=”C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Sqlservr.exe” enable=yes These firewall settings must be activated on SQL server in order for MSDTC to work: Distributed Transaction Coordinator (RPC) Distributed Transaction Coordinator (RPC-EPMAP) Distributed Transaction Coordinator (TCP-In) |
Despite in my case SQL and K2 servers very hosted on the side machine I tried to add required firewall settings – and, somewhat naturally, it didn’t resolve the error. So it took me searching a bit more till I found relevant MSFT documentation (New functionality in the Distributed Transaction Coordinator service in Windows) which clarifies that “No Authentication Required” option must be used in the following scenarios:
- The network access is between computers that are running Microsoft Windows 2000.
- The network access is between two domains that do not have a mutual trust configured.
- The network access is between computers that are members of a workgroup.
As you can understand having both SQL and K2 on the same server in workgroup mode translates into “network” access is between computers that are members of a workgroup. So to resolve K2 setup manager warning in this scenario it is necessary to tick “No Authentication Required” option in Local DTC Propertis:
I do realize that installation on a member server not joined to domain is not the most frequent scenario (although it is if you install K2 on cloud servers non-joined to domains), it is sad that K2 installer does not report what kind of setting is necessary in the workgroup mode scenario – that goes into nice to have list of additional checks, but until it’s not there you have this post 🙂