Enable diagnostic tracing for MS DTC on a Windows 10 computer
Article
This article discusses how to enable diagnostic tracing for the Microsoft Distributed Transaction Coordinator (MS DTC) on a Windows 10 computer.
Original product version: Windows 10 Original KB number: 926099
Important
This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, see Windows registry information for advanced users.
Types of tracing facilities
Transaction manager tracing
Transaction manager (TM) tracing tracks transaction state changes. It's generated by the MS DTC transaction manager. The output is in binary format, and the output must be formatted. The transaction manager is part of the MS DTC service.
Communication manager error tracing
Communication manager (CM) error tracing tracks any process that loads the Msdtcprx.dll file and that uses the remote procedure call (RPC) interface of MS DTC to communicate with other MS DTC-related processes. The output is in text format. The 0x8004d00a error is a typical error for which communication manager error tracing may be useful.
Note
Transaction manager tracing and communication manager error tracing are independent processes. You can independently enable transaction manager tracing and communication manager error tracing. Or, you can independently disable them.
Enable transaction manager tracing
You can use the Component Services Microsoft Management Console (MMC) snap-in to enable transaction manager tracing. To do this, follow these steps:
Select Start, select All Programs, select Accessories, and then select Run.
Type comexp.msc, and then select OK.
Expand Component Services, expand Computers, expand My Computer, expand Distributed Transaction Manager, right-click Local DTC, and then select Properties.
Select the Tracing tab.
On the Tracing tab, you can modify the following TM tracing options:
Trace Output
Trace Transactions
Trace All Transactions
Trace Aborted Transactions
Trace Long-Lived Transactions
When you change the TM tracing configuration, the MS DTC service detects the changes. However, you don't have to recycle the process. For example, when you change the transactions that are traced or the location of the trace file, the MS DTC service detects the change in the registry. You don't have to restart the MS DTC service.
New MS DTC tracing system in Windows
In Windows, MS DTC has a new and extensive tracing system. The new system has the following design goals:
Only a single line of code is required to add a formatted trace.
The trace is readable by humans on production computers without a network.
Output options are flexible.
The trace is fast.
You don't have to restart the computer to change the options.
Additionally, in Windows 10 and Windows Server Technical Preview, the tracing log file name includes the name of the process that invoked the tracing log. This is controlled by the Output registry key.
Configure tracing
Warning
Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft can't guarantee that these problems can be solved. Modify the registry at your own risk.
Trace configuration is located on the local node, in a registry key that is named Tracing under the MS DTC registry key. The Tracing registry key includes connection manager tracing. Previously, you used the TraceCMErr registry key to configure connection manager tracing. The Tracing registry key contains the following two sub keys:
Sources: This sub key configures the kind of tracing.
Output: This sub key configures where the tracing output is sent.
Note
Make sure that the process can access the Tracing registry key. By default, the Windows configuration doesn't create this key and doesn't grant permissions to this key. You can use Registry Editor to configure tracing functionality.
To create tracing functionality registry entries, follow these steps:
Select Start > All Programs > Accessories > Run, type regedit, and then select OK.
Locate and then select one of the following sub keys:
On the Edit menu, select New, and then select the data type of the entry. For example, select DWORD (32-bit) Value.
Type the name of the desired source, and then press ENTER. For more information about the source names, see the table in the Configure sources section.
Right-click the new registry entry, select Modify, type the value that you want in the Value data box, and then select OK.
On the File menu, select Exit.
Configure sources
The Sources registry key contains a set of DWORD registry values that are listed in the following table.
Name
Description
TRACE_MISC
Traces that can't be categorized into the other categories
TRACE_CM
Traces in the connection manager
TRACE_TRACE
The trace infrastructure itself
TRACE_SVC
Traces service and .exe file startup
TRACE_GATEWAY
Gateway source
TRACE_UI
Traces the user interface
TRACE_CONTACT
Traces the contact pool and contacts
TRACE_UTIL
Traces utility routines that are called from multiple locations
TRACE_CLUSTER
Traces the cluster-specific (utility) code
TRACE_RESOURCE
Traces the cluster resource-specific code
TRACE_TIP
Transaction Internet Protocol (TIP) tracing source
TRACE_XA
XA Transaction Manager (XATM) tracing source
TRACE_LOG
Log tracing
TRACE_MTXOCI
MTS/OCI layer (Mtxoci.dll) tracing source
TRACE_ETWTRACE
Event Tracing for Windows (ETW) tracing source
TRACE_PROXY
Traces that are generated in the MSDTC proxy DLL
TRACE_KTMRM
Tracing for integration with Kernel Transaction Manager
TRACE_VSSBACKUP
Tracing for integration with the Microsoft Visual SourceSafe backup and restore mechanism
TRACE_PERFMON
Tracing with support for performance counters
The DWORD value should be a number from 0 to 255. The DWORD value indicates the level of tracing that occurs. The following table lists possible DWORD values.
Value
Description
0
const BYTE TRACE_OFF
1
const BYTE TRACE_ERROR
2
const BYTE TRACE_WARNING
3
const BYTE TRACE_INFO
4
const BYTE TRACE_VERBOSE
5
const BYTE TRACE_VERY_VERBOSE
6
const BYTE TRACE_INOUT
0xF0
const BYTE TRACE_OBSCURE
0xFF
const BYTE TRACE_EVERYTHING
Note
Higher values automatically include lower values. Therefore, when you enable the TRACE_INFO level, the TRACE_ERROR level is also enabled. Very few sources use any tracing that is higher than the TRACE_VERBOSE level.
Configure trace output
Warning
Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft can't guarantee that these problems can be solved. Modify the registry at your own risk.
The Output registry key contains a set of values that control where trace output is sent. These values are as follows:
The TraceFilePath (REG_SZ) value is the root folder in which trace files should be stored. Tracing is written to a file in a folder that is named msdtc-X.log. In this folder name, X represents the decimal PID of the process that creates the file. Make sure that all the processes of interest can access the configured folder. Otherwise, trace information will be lost. If this value isn't set, traces aren't sent to a file.
The ImageNameInTraceFileNameEnabled (REG_DWORD) value determines whether the name of the tracing log file that's generated includes the image file name of the process that invoked the tracing log. If this is set to a non-zero value, the image file name of the process will be included in the tracing log file that's generated. If this value is set to zero, the image file name of the process will not be included in the tracing log file that's generated. By default, the value is set to zero (0). The following is an example of a trace file name where the log file that's generated contains the process: MSDTC-msdtc.exe-3552.log or MSDTC-svchost.exe - 3556.log
The MemoryBufferSize (REG_DWORD) value is the size of the circular buffer in which trace messages are stored. If this value is set to 0, memory tracing is disabled. By default, this value is 10 MB. You may have to increase this value if you enable verbose tracing.
The DebugOutEnabled (REG_DWORD) value enables or disables output to the debugger. If the value is nonzero, the output is enabled. By default, this Output registry key is disabled. When you change the connection manager error-tracing configuration, the changes take effect when a process that loads the Msdtcprx.dll file is recycled. For example, the changes to the connection manager error-tracing configuration take effect when the MS DTC service process is recycled.
Alternatively, you can create a .reg file, and then you can use Registry Editor to import the file. To do this, follow these steps:
Create a new .reg file that contains the following code example:
Select Start > All Programs > Accessories > Run, type regedit, and then click OK.
On the File menu, select Import.
Locate the file that you created in step 1, and then select Open. The Registry Editor dialog box appears.
Select OK.
On the File menu, select Exit.
Performance effect
By default, tracing functionality is disabled in Windows. Therefore, no performance effect exists on a regular installation.
Don't enable tracing functionality on production computers unless a Microsoft Customer Support Professional indicates that the tracing information is required to diagnose a problem. Tracing may affect computer performance. First you must find the problem, and you must resolve it. Then, immediately disable the tracing functionality.
Cluster configuration
For cluster installations, make sure that all registry entries on all the nodes contain these registry entries. For any node that doesn't have these registry entries, the cluster code ignores the registry entries in the shared registry because the registry entries don't exist in the local computer registry.
Learn to audit and diagnose your Windows Server environment for regulatory compliance, user activity, and troubleshooting. Implement security best practices through regular audits of your network environment to gain early warning of potential malicious activity.