Wednesday Tidbit: configuring a clustered MSDTC for vRealize Automation 6.x

20150916 - 1A few days ago I found I was unable to add reservations to my vRealize Automation installation.  After finding VMware knowledge base article 2089503, I realised it was because I’d forgotten to configure the Microsoft Distributed Transaction Co-ordinator (MSDTC) on my new SQL cluster.

Before I could proceed, I had to fix this.

The following script assumes you have added a disk to the cluster and that it shows as H: on each node:

# Variables

$cluster = ""
$group = "SQL Server (MSSQLSERVER)"
$sql_name = ""
$disk = "H:\"
$dtc = "MS-DTC"

# Import the module
Import-Module FailoverClusters

# Add the DTC resource
Add-ClusterResource $dtc -ResourceType "Distributed Transaction Coordinator" -Cluster $cluster -Group $group

# Add the SQL network name as a dependancy
Add-ClusterResourceDependency $dtc $sql_name -Cluster $cluster

# Move the DTC disk into the group
Move-ClusterResource $disk -Group $group -Cluster $cluster

# Add the DTC hard disk as a dependancy
Add-ClusterResourceDependency $dtc $disk -Cluster $cluster

Now we have to create a DTC mapping. Run the following command:

msdtc -tmMappingSet -name Mapping1 -service "SQL Server" -ClusterResourceName MS-DTC

Confirm the mapping has been successfully created:

msdtc -tmMappingView *

Stop the group:

Stop-ClusterGroup $group

Start the group:

Start-ClusterGroup $group

Finally, we need to configure DTC for vRealize Automation. Use the following code:

# Variables

$msdtcKey = Get-ChildItem “Registry::HKEY_LOCAL_MACHINE\Cluster\Resources” | Where-Object {([string](Get-ItemProperty -path “Registry::$_”).”Type”) -match “Distributed Transaction Coordinator”}
$dtcKeys = @("AllowOnlySecureRPCCalls","TurnOffRpcSecurity")
$secKeys = @("NetworkDTCAccess","NetworkDTCAccessClients","NetworkDTCAccessInbound","NetworkDTCAccessOutbound","NetworkDTCAccessTransactions")

# Configure settings
ForEach ($key in $dtcKeys){Set-ItemProperty -path “Registry::$msdtcKey\MSDTCPRIVATE\MSDTC” -name $key -Value 0}

# Configure callback
Set-ItemProperty -path “Registry::$msdtcKey\MSDTCPRIVATE\MSDTC” -name “FallbackToUnsecureRPCIfNecessary” -value 1

# Configure security
ForEach ($key in $secKeys){Set-ItemProperty -path “Registry::$msdtcKey\MSDTCPRIVATE\MSDTC\Security” -name $key -Value 1}

# Stop the group
Stop-ClusterGroup $group

# Start the group
Start-ClusterGroup $group

vRealize Automation should now work as expected.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s