Development environments are a cinch, no firewalls, no problem. Production on the other hand can be more challenging.
There is one part that lurks in the shadows, waiting, letting you think you are all done, and that everything is working. Then, you try to copy and paste, or delete a component. You try to create a new publication. BOOM!
New transaction cannot enlist in the specified transaction coordinator.
You have forgotten that firewall between the content management server and the database server, and MSDTC is not properly configured.
The documentation does a great job on the MSDTC settings, and telling you to open up firewall ports (default: 135, 5000-5500) here: Changing DTC Security Settings
What I feel is missing is the part to limit the port range on which MSDTC can operate, to match the firewall rules, and make everything run smoothly.
Steps (content manager and database servers)
- Open Component Services
- Expand Component Services > Computers
- View properties of “My Computer”
- Navigate to the “Default Protocols” tab
- View properties of “DCOM Protocols” “Connection-oriented TCP/IP” (attached)
- Add port range (default: 5000-5500)
- Restart distributed transaction windows service (sometimes, full server restart required)