Tallan Blog

Tallan’s Experts Share Their Knowledge on Technology, Trends and Solutions to Business Challenges

BizTalk, Clustered MSDTC and Clustered EntSSO installation error

There are a few good resources out there for setting up a clustered Master Secret Server out there:

However, I faced some issues recently setting all of this up, getting the following errors (in the event log and the configuration log):

  • Creation of Adapter FILE Configuration Store entries failed. (BizTalk config log)
  • Could not import a DTC transaction. Please check that MSDTC is configured correctly for remote operation. See the event log (on computer EntSSOClusterResource) (BizTalk config log)
  • d:\bt\127854\private\source\setup\btscfg\btscfg.cpp(2213): FAILED hr = c0002a25 (BizTalk Config log)
  • Failed to initialize the needed name objects. Error Specifics: hr = 0x80004005, com\complus\dtc\dtc\msdtcprx\src\dtcinit.cpp:575, CmdLine: “C:\Program Files\Common Files\Enterprise Single Sign-On\ENTSSO.exe”, Pid: 172 (Event log)
  • Could not import a DTC transaction. Please check that MSDTC is configured correctly for remote operation. See documentation for details. Error Code: 0x80070057, The parameter is incorrect. (Event log)

DTC seemed to be culprit here (or possible EntSSO), but DTC Ping/Tester worked fine from the app server to the clustered resource (in fact, the installer had no problem configuring the Group settings with this issue – it choked on the Runtime configuration).  Despite that, it still seemed like it was ultimately a DTC issue, so I started working through many of the normal DTC issues that come up.  We uninstalled and reinstalled MSDTC on all involved machines (some had been imaged from a common source using the same GUIDs in the CID registry key under HKCR), and imported the following registry key to ensure that RPC wasn’t causing an issue.

Windows Registry Editor Version 5.00


In the end it came down to a single setting that the ever-helpful DTC troubleshooting wiki mentions:


We had configured everything to use “No Authentication Required” to get the broadest support (for some older servers on the network if needed).  This does mean that servers which don’t support this authentication will not be able to participate in DTC, but it did resolve the issue on the cluster and allow us to properly configure the BizTalk Runtime.

Learn more about Tallan or see us in person at one of our many Events!

Share this post:

2 Comments. Leave new

I am also facing the same issue, I have made the same settings
enabled these properties, still no luck. Can you please share the exact settings sloved this BizTalk RunTime issue.
>Network DTC Access
>Allow Inbound
>Allow Outbound
>No Authentication Required

Pedro Simões
October 13, 2017 4:48 am

chane no authentication required to incoming authentication required
and add the SSO Service User to SSO Cluster Permitions with full control i think

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>