
Script to set DTC and Firewall rules for Everest v6

The script sets DTC and firewall rules. There are two different scripts here: one to be executed on Windows 2008/2008R2, and one on the client Windows 7/Vista machine:

Windows 2008/2008R2:

# Enable network DTC access (inbound, outbound, remote clients/admin, TIP)
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccess -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessAdmin -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessClients -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessInbound -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessOutbound -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessTip -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessTransactions -Value 1

# 0 / 0 / 1 selects the MSDTC "No Authentication Required" mode
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC -Name AllowOnlySecureRpcCalls -Value 0
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC -Name FallbackToUnsecureRPCIfNecessary -Value 0
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC -Name TurnOffRpcSecurity -Value 1

# Restrict dynamic RPC/DCOM ports to 4000-4020 (the range opened in the firewall below).
# These are values under the Rpc\Internet key, so they are created with New-ItemProperty.
New-Item -Path HKLM:\Software\Microsoft\Rpc\Internet
New-ItemProperty -Path HKLM:\Software\Microsoft\Rpc\Internet -Name Ports -PropertyType MultiString -Value "4000-4020"
New-ItemProperty -Path HKLM:\Software\Microsoft\Rpc\Internet -Name PortsInternetAvailable -PropertyType String -Value "Y"
New-ItemProperty -Path HKLM:\Software\Microsoft\Rpc\Internet -Name UseInternetPorts -PropertyType String -Value "Y"

# LegacyAuthenticationLevel 1 = DCOM default authentication level "None"
Set-ItemProperty -Path HKLM:\Software\Microsoft\Ole -Name LegacyAuthenticationLevel -Value 1

netsh advfirewall firewall add rule name="Everest (DCOM-In)" dir=in action=allow protocol=TCP localport=4000-4020
netsh advfirewall firewall add rule name="Everest (DCOM-Out)" dir=out action=allow protocol=TCP localport=4000-4020
netsh advfirewall firewall add rule name="NETBIOS IN" dir=in action=allow protocol=TCP localport=135-139
netsh advfirewall firewall add rule name="NETBIOS OUT" dir=out action=allow protocol=TCP localport=135-139
netsh advfirewall firewall add rule name="NETBIOS IN UDP" dir=in action=allow protocol=UDP localport=135-139
netsh advfirewall firewall add rule name="NETBIOS OUT UDP" dir=out action=allow protocol=UDP localport=135-139
netsh advfirewall Firewall set rule name="COM+ Network Access (DCOM-In)" new enable=yes
netsh advfirewall Firewall set rule name="COM+ Remote Administration (DCOM-In)" new enable=yes
netsh advfirewall Firewall set rule name="Distributed Transaction Coordinator (TCP-Out)" new enable=yes
netsh advfirewall firewall add rule name="SQL TCPIN" dir=in action=allow protocol=TCP localport=1433-1434
netsh advfirewall firewall add rule name="SQL TCPOUT" dir=out action=allow protocol=TCP localport=1433-1434
netsh advfirewall firewall add rule name="SQL UDPIN" dir=in action=allow protocol=UDP localport=1433-1434
netsh advfirewall firewall add rule name="SQL UDPOUT" dir=out action=allow protocol=UDP localport=1433-1434

Windows 7/Vista client (needs Powershell 2.0 installed):

# Enable network DTC access (inbound, outbound, remote clients/admin, TIP)
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccess -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessAdmin -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessClients -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessInbound -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessOutbound -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessTip -Value 1
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC\Security -Name NetworkDtcAccessTransactions -Value 1

# 0 / 0 / 1 selects the MSDTC "No Authentication Required" mode
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC -Name AllowOnlySecureRpcCalls -Value 0
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC -Name FallbackToUnsecureRPCIfNecessary -Value 0
Set-ItemProperty -Path HKLM:\Software\Microsoft\MSDTC -Name TurnOffRpcSecurity -Value 1

# Restrict dynamic RPC/DCOM ports to 4000-4020 (the range opened in the firewall below).
# These are values under the Rpc\Internet key, so they are created with New-ItemProperty.
New-Item -Path HKLM:\Software\Microsoft\Rpc\Internet
New-ItemProperty -Path HKLM:\Software\Microsoft\Rpc\Internet -Name Ports -PropertyType MultiString -Value "4000-4020"
New-ItemProperty -Path HKLM:\Software\Microsoft\Rpc\Internet -Name PortsInternetAvailable -PropertyType String -Value "Y"
New-ItemProperty -Path HKLM:\Software\Microsoft\Rpc\Internet -Name UseInternetPorts -PropertyType String -Value "Y"

# LegacyAuthenticationLevel 1 = DCOM default authentication level "None"
Set-ItemProperty -Path HKLM:\Software\Microsoft\Ole -Name LegacyAuthenticationLevel -Value 1

netsh advfirewall firewall add rule name="Everest (DCOM-In)" dir=in action=allow protocol=TCP localport=4000-4020
netsh advfirewall firewall add rule name="Everest (DCOM-Out)" dir=out action=allow protocol=TCP localport=4000-4020
netsh advfirewall firewall add rule name="NETBIOS IN" dir=in action=allow protocol=TCP localport=135-139
netsh advfirewall firewall add rule name="NETBIOS OUT" dir=out action=allow protocol=TCP localport=135-139
netsh advfirewall firewall add rule name="NETBIOS IN UDP" dir=in action=allow protocol=UDP localport=135-139
netsh advfirewall firewall add rule name="NETBIOS OUT UDP" dir=out action=allow protocol=UDP localport=135-139
netsh advfirewall Firewall set rule name="Distributed Transaction Coordinator (TCP-Out)" new enable=yes
netsh advfirewall firewall add rule name="SQL TCPIN" dir=in action=allow protocol=TCP localport=1433-1434
netsh advfirewall firewall add rule name="SQL TCPOUT" dir=out action=allow protocol=TCP localport=1433-1434
netsh advfirewall firewall add rule name="SQL UDPIN" dir=in action=allow protocol=UDP localport=1433-1434
netsh advfirewall firewall add rule name="SQL UDPOUT" dir=out action=allow protocol=UDP localport=1433-1434
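
Read-back check for either machine after running its script. This is an added example, not part of the original Everest script: it only reads the registry values written above and reports the resulting MSDTC authentication mode, DCOM default authentication level and RPC port range. The helper name Get-RegValue is hypothetical.

```powershell
# Added example (read-only): report the posture left by the scripts above.
$dtc    = 'HKLM:\Software\Microsoft\MSDTC'
$dtcSec = 'HKLM:\Software\Microsoft\MSDTC\Security'
$rpc    = 'HKLM:\Software\Microsoft\Rpc\Internet'
$ole    = 'HKLM:\Software\Microsoft\Ole'

function Get-RegValue($Path, $Name) {
    # Hypothetical helper: return $null instead of an error when the key or value is missing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

# The three RPC flags together select one MSDTC authentication mode.
$flags = '{0}{1}{2}' -f (Get-RegValue $dtc 'AllowOnlySecureRpcCalls'),
                        (Get-RegValue $dtc 'FallbackToUnsecureRPCIfNecessary'),
                        (Get-RegValue $dtc 'TurnOffRpcSecurity')
switch ($flags) {
    '100'   { $mode = 'Mutual Authentication Required' }
    '010'   { $mode = 'Incoming Caller Authentication Required' }
    '001'   { $mode = 'No Authentication Required' }
    default { $mode = "unrecognized flag combination '$flags'" }
}
"MSDTC authentication mode : $mode"

# Network DTC access switches written by the script.
foreach ($n in 'NetworkDtcAccess', 'NetworkDtcAccessInbound',
               'NetworkDtcAccessOutbound', 'NetworkDtcAccessTip') {
    '{0,-26}: {1}' -f $n, (Get-RegValue $dtcSec $n)
}

# DCOM machine-wide default authentication level.
$levels = @{ 1 = 'None'; 2 = 'Connect'; 3 = 'Call'; 4 = 'Packet';
             5 = 'Packet Integrity'; 6 = 'Packet Privacy' }
$lvl = Get-RegValue $ole 'LegacyAuthenticationLevel'
if ($lvl -eq $null) { $name = 'not set' } else { $name = $levels[[int]$lvl] }
"DCOM default auth level   : $name"

# RPC dynamic port range; it should match the Everest (DCOM-*) firewall rules.
$ports = Get-RegValue $rpc 'Ports'
"RPC port range            : $($ports -join ', ')"
"UseInternetPorts          : $(Get-RegValue $rpc 'UseInternetPorts')"
```

With the values from the scripts above, the check reports "No Authentication Required" for MSDTC and "None" for the DCOM default level, so the firewall rules are the only network control in front of these services.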