D'Arcy from Winnipeg
Solution Architecture, Business & Entrepreneurship, Microsoft, and Adoption

For the Love of God, Don't Change the SSO Account Password!

Monday, December 22, 2008 4:28 PM
I'm on a bit of a fun project here at work: while most of the team is away me and a co-worker have been tasked with setting up an internal BizTalk environment that we can set up with a sample application and use as demo/reference material.

We hit a snag though, and I'm putting this post out as a warning to others that may tempt fate and walk in our path: DON'T CHANGE THE SSO PASSWORD OR ACCOUNT!

But I digress...how did we get here? Well, we noticed that there were a bunch of BizTalk services that weren't running, and when we tried to start the SSO service we didn't get an option for 'Start'. Odd...especially since there's a user and password specified for the account. Maybe if we just manually reset the password...

*KABOOM* DANGER WILL ROBINSON, DANGER!

It turns out that BizTalk has this Master Secret thing that plays a big role in setting up accounts and enabling Single Sign On. If you mess with an account OUTSIDE of the SSO realm, bad things happen...like having to track down the one guy who isn't on holidays but lives in Ontario in hopes that there's a snapshot of the VM from before yesterday...or facing a fresh install of BizTalk.

If you're dealing with BizTalk 2004, you cand read about how to *safely* change the SSO account and password here. For 2006...well, apparently you do the same thing as 2004, but here's another post warning about the SSO account.
D


Feedback

No comments posted yet.


Post a comment