Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 4195 Source: MSDTC

Source
Level
Description
Could not initialize the MS DTC XA transaction manager.
Comments
 
In our case, this problem was caused by an overzealous case of server hardening. In the Local Security Policy, under Local Policies -> User Rights Assignment, an admin had removed "Users" from those groups listed in "Bypass Traverse Checking". I added the Users group back to this list, rebooted, and this problem (and several others) was resolved.
An engineer changed permissions on C:\WINNT from Everyone:Full Control to Everyone:Read, but failed to add in Administrators, System account, and other appropriate groups. When MSDTC starts, it writes a file to c:\winnt. In this case, having read-only permissions prevented it from starting.  Followed by Event 4111 - The MS DTC Service is shutting down.
In my case, the cluster service did not start correctly. Restart Cluster service, then the MTS starts without problems.
As per ME223397, this may occur if the Microsoft Distributed Transaction Coordinator (MSDTC) is not properly installed or is malfunctioning on one or both nodes on the Cluster Server computer. See the Q article for resolution.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...