When using a remote SQL as the database for PolicyPak Group Policy Compliance Reporter, the snapshot operation may fail with the following error.
The Server Log will contain the following error as well:
System.Transactions.TransactionManagerCommunicationException: Network access for Distributed Transaction Manager (MSDTC) has been disabled. Please enable DTC for network access in the security configuration for MSDTC using the Component Services Administrative tool. ---> System.Runtime.InteropServices.COMException: The transaction manager has disabled its support for remote/network transactions. (Exception from HRESULT: 0x8004D024)
To enable diagnostic logging, follow the directions in the article here
The resulting GPCR Server log can be found in: C:\ProgramData\PolicyPak\PolicyPak Group Policy Compliance Reporter Server\Diagnostics
To resolve the error and allow snapshots to complete successfully, you must enable Network DTC Access and ensure the firewall allows the traffic through.
The following is run on both the PolicyPak GPCR Client computer (Where the Admin Console is installed) and the remote SQL Server
Open Component Services
Open the “run” box (Win-R), type “dcomcnfg” and click OK
Expand Console Root -> Component Services -> Computers -> My Computer -> Distributed Transaction Coordinator, Right-Click on Local DTC and click Properties
On the Security tab -> Security Settings and Configure as follows:
Click OK
Enable DTC through the firewall on both PolicyPak GPCR Server and the remote SQL Server
Click on “Allow an app or feature through Windows Defender Firewall”
Find “Distributed Transaction Coordinator”, check and check the appropriate Network profile (e.g. Domain).
