Symptoms
- When I try to create a case in FTK Central, it doesn't get past the first page and adgselfhost.txt contains one or both of the following errors:
Network access for Distributed Transaction Manager (MSDTC) has been disabled. Please enable DTC for network access in the security configuration for MSDTC using the Component Services Administrative tool.
ADG.BusinessServices.Exceptions.InternalServerException: Failed to create project. Error: Unified Case Creation Failed for Case: XXXX.
- When I create a new project in Summation Pro/eDiscovery it is not immediately displayed in the project list and the System Log may have one or both of the following errors:
"Error creating case: CaseId : 0, CaseName : XXXX: System.Transactions.TransactionException: The operation is not valid for the state of the transaction."
"Error Invoke operation 'CreateProject' failed. HttpRequestTimedOutWithoutDetail"
- When processing in Summation Pro/eDiscovery it may seem to do nothing for a while, but eventually displays the error
"Unable to connect to database 0". - Case/project description says
"Autocreated during FTK Cases synchronization."even though the case was created in Summation/eDiscovery. - The Processing Options tab doesn't show a Processing Mode selected.
Resolution
- Confirm the AppDBs (eDiscovery, Infrastructure, Workflow, Workflow40) are owned by the service account in MSSQL.
- Confirm MSDTC has properly been configured on the App server, Database server, and any Processing servers.
- Ensure all servers have a NetBIOS name of 15 characters or less (this is a limitation of NetBIOS, which is used by MSDTC). There are few ways to check the currently configured NETBIOS name of a system:
From command prompt:
nbtstat /n
nbtstat /A [IPADDRESS_OF_REMOTE_SYSTEM]
Query SSMS on Database server:
Select serverproperty('ComputerNamePhysicalNetBIOS')
Registry Entry:
HKEY_LOCAL_Machine\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ | ComputerName - Run the below command in PowerShell to check firewall settings and properties associated with MSDTC:
Test-Dtc -LocalComputerName "$env:COMPUTERNAME" -Verbose
If Windows Firewall and MSDTC security settings are configured correctly, the command should return the following:VERBOSE: ": Firewall rule for "RPC Endpoint Mapper" is enabled." VERBOSE: ": Firewall rule for "DTC incoming connections" is enabled." VERBOSE: ": Firewall rule for "DTC outgoing connections" is enabled." VERBOSE: <ServerName>: AuthenticationLevel: NoAuth VERBOSE: <ServerName>: InboundTransactionsEnabled: True VERBOSE: <ServerName>: OutboundTransactionsEnabled: True VERBOSE: <ServerName>: RemoteClientAccessEnabled: True VERBOSE: <ServerName>: RemoteAdministrationAccessEnabled: False VERBOSE: <ServerName>: XATransactionsEnabled: True VERBOSE: <ServerName>: LUTransactionsEnabled: False
- Ensure that all components are able to communicate with each other through the Microsoft Distributed Transaction Coordinator (MSDTC) using DTCPing. This is typically done over port 135. Refer to the steps here for proper DTCPing usage. When using DTCPing to the MSSQL server, use the same server name as used in DBConfig. Using FQDN in DBConfig, instead of NetBIOS/friendly name, can prevent MSDTC communication.
- If the machines were created as clones in a virtual environment they may share a CID. This will prevent transactions from completing. To resolve this, generate a new CID for one of the machines. Additional MSDTC troubleshooting options can be found here.
- Ensure the Microsoft Distributed Transaction Coordinator service is started and the Firewall has the correct exceptions for it. You may need to manually set exceptions for ports 135 (DTC) and 1024-65535 (DCOM) if allowing by application doesn't work. You can restrict the firewall rules to just the involved server's IPs.
The article below may also assist with determining MSDTC related issues: