vCAC: Error requesting machine. (Exception from HRESULT: 0x8004D025)

While setting up vCAC 6.0 in my home lab, I encountered the following error when trying to deploy a machine from a blueprint.

Error requesting machine. Inner Exception: Exception has been thrown by the target of an invocation. Base Exception: The partner transaction manager has disabled its support for remote/network transactions. (Exception from HRESULT: 0x8004D025)

I found a VMware KB article for an earlier version along similar lines which requires configuring some MSDTC settings on the SQL server holding the vCAC database. (It appears that this is a reasonably common issue for SQL based applications)

The recommendation from the VMware KB article is to configure MSDTC with the following:

Go to Start > Administrative Tools. Open Component Services. Expand Component Service > Computers > My Computer > Distributed Transaction Coordinator. Right-click Local DTC and click Properties. Click the Security tab. Select the Network DTC Access option. Select Allow Remote Client and Allow Remote Administration options. Select the Allow Inbound and Allow Outbound options Specify NetworkService for DTC Logon Account. Click OK.

Following those changes the MSDTC service needs to be restarted.

My SQL server is 2012 running on Windows Server 2012 and is easy to change because it was for a homelab. Depending on the environment you might be deploying into, some consideration will need to be taken in advance into whether the above can be changed (if necessary) on a Production SQL server or whether a dedicated SQL server might be required.

Update: 19/05/2014

Following the comment from Charles Bryant below, here are the steps you need to automate this config.

You can get current DTC settings with:

Get-ItemProperty -Path HKLM:\\Software\\Microsoft\\MSDTC\\Security

We need to change 6 of these settings to a value of 1, then restart the service (Make sure your PowerShell session is set to run as administrator):

"NetworkDtcAccess","NetworkDtcAccessAdmin","NetworkDtcAccessClients","NetworkDtcAccessTransactions","NetworkDtcAccessInbound","NetworkDtcAccessOutbound" | ForEach-Object {Set-ItemProperty -Path HKLM:\\Software\\Microsoft\\MSDTC\\Security -Name $\_ -Value 1}

Restart-Service msdtc