DTC Security Considerations

 

Applies To: Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server Technical Preview, Windows Vista

One aspect of distributed computing that can make a networked environment vulnerable to security attack is the use of distributed transaction processing. To help minimize any risk to your networked environment, the DTC offers several new security administration settings that you can either enable or disable, depending on the level of security you need.

If your computing environment requires the highest level of security, you can use the Component Service administrative tool to disable all of the DTC security settings. Conversely, if your security requirements are minimal, you can enable all settings, allowing you to take full advantage of all the DTC features.

You can also set certain security options individually, which allows you to balance your need for distributed transaction processing with your need to make your networked environment as secure as possible. You can take steps to help protect your transaction-processing environment in a way that exactly suits your particular needs.

Another step you can take to help protect the security of your computing environment is to disable distributed transactions on certain machines within the network. This helps minimize the possibility of attack through those machines.

The following topics in this section provide detailed information about how to implement and manage security for distributed transactions:

• Managing the DTC Service Remotely

• Disabling Native Distributed Transactions

• Disabling Transaction Services for Network Clients

• Disabling TIP and XA Transactions

• Managing Accounts and Privileges