Thursday, 18 August 2011

BizTalk Server 2009 Deployment issue with multiple users on same server

If you are more than one developer on the same BizTalk Server 2009 you might have noticed that there can be some deployment issues where you looses configuration that you or some other in your team already have done. Over time I have experienced the following issues from time to time:

  • One of the parties that I had enlisted on a rolelink where missing 
  • The pipeline on a receive location where changed from XMLReceive to PassThrough
  • I couldn't deploy an assembly before I deleted a receive port. I got an error telling me that the transport type wasn't set on a receive location. But when I checked the configuration the transport type where set correctly.
The last one got me searching for why BizTalk does as it does.

I can't give you a reason why this happens, but I can give you a location that contains the binding files that BizTalk uses behind your back. The location is: 

C:\Users\<Username>\AppData\Roaming\Microsoft\BizTalk Server\Deployment\BindingFiles

"Roaming" could also be something else based on how you logon to your server. I haven't gotten the issue on BizTalk Server 2010 yet, but that might be related to that I haven't work with another user on the same server with the same BizTalk artifacts or related artifacts. But I can see that it creates the same binding files as in BizTalk Server 2009, so my guess is that the same issue is also here in BizTalk Server 2010.

A common deployment procedure like using the Powershell privider for BizTalk would fix this issue, but I haven't gotten around to confirm this part. 

Random posts:
Posted by at
Labels:

Monday, 15 August 2011

Use single-signon with FTP, SAP and other username/password

There are some of the adapters that doesn't support single-sign on with you domain users that are assigned to you BizTalk Host Instans. This is an issue in BizTalk when you come to deployment and where you don't want your password for a FTP site to be listed in your binding files.

When you configure your FTP Send Port in Biztalk there is an option to select the  SSO Affiliate, which lists your SSO  Affiliate applications from Enterprise Single Sign-On. This is a part of what is needed.

The first thing you need is to have a promoted property on your message called "SSOTicket" and this have to have a specifict value. I do this in a pipeline component, but I thing you also can do this in an Orchestration. The code is as follows:


        public Microsoft.BizTalk.Message.Interop.IBaseMessage Execute(Microsoft.BizTalk.Component.Interop.IPipelineContext pc, Microsoft.BizTalk.Message.Interop.IBaseMessage inmsg)
        {
            ISSOTicket ssoTicket = new ISSOTicket();
            inmsg.Context.Write("SSOTicket", "http://schemas.microsoft.com/BizTalk/2003/system-properties", ssoTicket.IssueTicket(0));
            return inmsg;
        }

Create a send pipeline that uses this pipeline component in the Encode phase.

Set the "Allow Tickets" to yes on the system:


Then you need to create an affiliate application in Enterprise Single Sign-On:


Give it a nice name and remember to check the check boxes:
Use the Biztalk Group that has the host instanse as Application users
Check "Ticket Allowed" and then finish the Wizard.
Click new mapping on the new application you just have created. Check the "Credentials as Windows credentials"
The Window user is the user used by the Biztalk Host Instanse and the External user is your FTP/SAP/Other user

 Type in the password for your external user
Now on your FTP Send port you select the new SSO affiliate application.
This should be it. You now have single sign-on on your FTP sites and you can use your Enterprise Single Sign-on to manage your mappings between domain accounts and external accounts.

Sample code at http://code.msdn.microsoft.com/Use-single-signon-with-FTP-b6414ce8

Random posts:
Posted by at
Labels:
Subscribe to: Posts (Atom)