John Howard - Senior Program Manager in the Hyper-V team at Microsoft

Senior Program Manager, Hyper-V team, Windows Core Operating System Division.


MSDTC Event ID 4143 and 53258 on Windows Server 2003 SP1 Domain Controller

  • Comments 63
  • Likes

I got hit by a problem on a freshly installed virtual machine using a slipstreamed SP1 installation and promoted to a domain controller. Two events were appearing in the event log which were unexpected.

Source: MSDTC Event ID: 4143 Information
MS DTC has detected that a DC Promotion has happened since the last time the MS DTC service was started.

followed by

Source: MSDTC Event ID: 53258 Warning
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings.

To resolve this, go through the following steps:
- Start/Administrative Tools/Component Services
- Navigate the tree view on the left to:
    - Console Root
     - Component Services
      - Computers
       - My Computer
- Right click on "My Computer" and select properties
- Select the MSDTC Tab
- Under "Transaction Configuration" near the bottom, click "Security Configuration"
- On the Security Configuration screen, just click OK - don't change anything.
- Back on the "My Computer Properties" screen, click OK again to dismiss
- Right click on "My Computer" in the tree view and select "Stop MS DTC"
- Right click on "My Computer" in the tree view and select "Start MS DTC"
- Close the Component Services snapin.

All should now be well again. Hope this helps someone.

  • I think it works because by clicking yes on the security tab you reset the security in a registry hive. Network service needs to make extra keys there (at least I read a fix with setting permissions on a hive). So if you troubleshoot, look for that...

  • See this:

    Event ID: 53258
    The Network Service account used to run MSDTC did not have permission to
    update the HKLM\Software\Microsoft\MSDTC registry key.

    Either give this account Create Subkey and Set Value permissions on the key.

    Event ID: 1097 & Event ID: 1030

  • Thanks. Worked for me

  • Thanks from Japan.

    I think that - Microsoft support team must publish its case on KB. :(

  • Fantastic - this solved an issue for us in a production environment on our SMS 2003 server no less. Thank you very much. :)

  • U have thanks from Japan and Germany and now thanks from Russia! Great help, thank you very much:)

  • Great stuff, adding your blog to my favorites! Thanks!

  • I was looking all over the Microsoft web site for a fix for this. Then I google’d it and found this web site. Thanks for it.. I suspected that the one of the settings in the MSDTC section in the registry was mangled after I installed something. Did a diff before and after this fix “NO DICE!”. After looking at the setting in that dialog. I would suspect that the built-in account displayed IN the dialog somehow gets reset. Looks like a bug Microsoft!

  • It's all good now, thanks a lot...

  • Did you ever knoooow that your my heeeeroooo? ;)

  • And now Thanks from France !

    I too hat the problem on a windows 2003 SP1, under Virtual Server 2005, and your trick solved the problem. I think it updated some security settings somewhere.

    I had also userenv errors 1058 and 1030 "Can't access to gpt.ini file for policy {....}" and " stop applying strategy" which were solved in a similar manner : "change/restore polcy setting" and reboot ! No more errors.

  • You Rock!! Thanks!!!

  • Have the same problem in clustered configuration. Strange enough but MSDTC runs on the second node but when fails on the first node it blows up the whole cluster server on the first node, fails back to the second node and records  53258 in the log.

  • This works in my enviroment too! >Thanks!!!

  • Thanks from Spain (Santiago de Compostela)


Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment