This project has moved and is read-only. For the latest updates, please go here.

SSO error with BTDF

Topics: Bindings File, Settings Management and SSO
Apr 17, 2012 at 10:58 PM

New to BTDF, looks cool 2 questions regarding using this in conjunction with SSO.

1. Getting the following error  while trying to use add the SSO entries from the visual studio using the BTDF toolbar options:

 

"C:\Program Files (x86)\Deployment Framework for BizTalk\5.0\Framework\DeployTools\SSOSettingsFileImport.exe" "TestInterface" /settingsFile:"C:\WorkSpace\IntegrationLayer\Main\Deployment\EnvironmentSettings\Exported_LocalSettings.xml" /userGroupName:"BizTalk Application Users" /adminGroupName:"BizTalk Server Administrators"

Error persisting to SSO:

System.Runtime.InteropServices.COMException (0xC0002A22): The account name is not valid or does not exist. See the event log (on computer 'XXXXXX-DEV') for more details.

 

at Microsoft.BizTalk.SSOClient.Interop.ISSOAdmin.CreateApplication(String applicationName, String description, String contactInfo, String userGroupName, String adminGroupName, Int32 flags, Int32 numFields)

at SSOSettingsFileManager.SSOHelper.CreateApp(String appName, String userGroup, String adminGroup)

at SSOSettingsFileManager.SettingsFileImport.SaveSettingsToSSO(String affiliateAppName, settings inSettings, String userGroupName, String adminGroupName)

at SSOSettingsFileManager.SettingsFileImport.Main(String[] args)

 

I have the following entries in the btdfproj . Am I missing some thing ?

 

 

<

 

IncludeSSO>True</IncludeSSO

>

<ItemGroup>
    <PropsFromEnvSettings Include="SsoAppUserGroup;SsoAppAdminGroup;" />
  </ItemGroup>

 

 


Apr 17, 2012 at 11:21 PM
You need to make sure the settingsfilegenerator.xml has the following two entries:
SsoAppUserGroup
SsoAppAdminGroup

Also, you need to be sure the values in environment your deploying to exist in that environment.
For example, if you're deploying to a domain managed environment where your BizTalk groups have been provisioned in the domain, you'll need to prepend the group in the settingsfilegenerator.xml with the domain.
Example:
domain\BizTalk Application Users
domain\BizTalk Server Administrators

If you're working with local groups, you need to make sure these group names match what you created when you installed BizTalk, if you didn't use the default.

I hope this helps.


Chris J Albertson




On Tue, Apr 17, 2012 at 4:58 PM, kiranasokan <notifications@codeplex.com> wrote:

From: kiranasokan

New to BTDF, looks cool 2 questions regarding using this in conjunction with SSO.

1. Getting the following error while trying to use add the SSO entries from the visual studio using the BTDF toolbar options:

"C:\Program Files (x86)\Deployment Framework for BizTalk\5.0\Framework\DeployTools\SSOSettingsFileImport.exe" "TestInterface" /settingsFile:"C:\WorkSpace\IntegrationLayer\Main\Deployment\EnvironmentSettings\Exported_LocalSettings.xml" /userGroupName:"BizTalk Application Users" /adminGroupName:"BizTalk Server Administrators"

Error persisting to SSO:

System.Runtime.InteropServices.COMException (0xC0002A22): The account name is not valid or does not exist. See the event log (on computer 'XXXXXX-DEV') for more details.

at Microsoft.BizTalk.SSOClient.Interop.ISSOAdmin.CreateApplication(String applicationName, String description, String contactInfo, String userGroupName, String adminGroupName, Int32 flags, Int32 numFields)

at SSOSettingsFileManager.SSOHelper.CreateApp(String appName, String userGroup, String adminGroup)

at SSOSettingsFileManager.SettingsFileImport.SaveSettingsToSSO(String affiliateAppName, settings inSettings, String userGroupName, String adminGroupName)

at SSOSettingsFileManager.SettingsFileImport.Main(String[] args)

I have the following entries in the btdfproj . Am I missing some thing ?

<

IncludeSSO>True</IncludeSSO

>

<ItemGroup>
    <PropsFromEnvSettings Include="SsoAppUserGroup;SsoAppAdminGroup;" />
  </ItemGroup>



Read the full discussion online.

To add a post to this discussion, reply to this email (biztalkdeployment@discussions.codeplex.com)

To start a new discussion for this project, email biztalkdeployment@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe or change your settings on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com


Apr 18, 2012 at 8:01 PM
Edited Apr 18, 2012 at 8:21 PM

I am kind of stumped here ..I have all those u told already set up..But still the Export to SSO is not working from the BTDF tool bar in VS.For some reason its not reading the values correctly when creating the SSO.

just for the heck of it I tried doing this from the the  command line, in that case the SSO appliation was created with the keys.So the gorup names etc I am using are correct. They were visible from the BTDF SSO editor tool ...

But  from the Microsoft SSO configuration application this was invisible ...

 "C:\Program Files (x86)\Deployment Framework for BizTalk\5.0\Framework\DeployTools\SSOSettingsFileImport.exe" "BizTalk Server Project1" /settingsFile:"c:\Projects\BizTalk Server Project1\Deployment\EnvironmentSettings\Exported_LocalSettings.xml" /userGroupName:"ourdomainname\userGroup" /adminGroupName:"ourdomain\AdministratorsGroup"

In my Exported_LocalSettings.xml  the below entries were there .So Its correclty parsing the values from the settingsgenerator into the environment specific xml files.

<?xml version="1.0" encoding="utf-8"?>
<!--
  This file was auto-generated by the Environment Settings Spreadsheet to XML Exporter (http://envsettingsmanager.codeplex.com).

  Input File: SettingsFileGenerator.xml
  Created: 4/18/2012 01:28 PM
-->
<settings>
  <!--Environment: Local Development-->
  <property name="SsoAppUserGroup">ourdaminname\userGroup</property>
  <property name="SsoAppAdminGroup">ourdoaminname\admingroup</property>
  <property name="testKey">Key1</property>
</settings>

Is there any difference between the way SSO values are stored by the BTDF framework vs the out of box storage provided by BizTalk.

I was looking up the values that the got created when I ran the above mentioned command in the SSO database and could not find this in the SSODb Sql server tables.

If there is this will be a bummer for us to use this framework...


Apr 18, 2012 at 8:16 PM

So in the build log in the Output window, when you import to SSO in Visual Studio, the SSOSettingsFileImport.exe command line does not include /userGroupName:"ourdomainname\userGroup" /adminGroupName:"ourdomain\AdministratorsGroup"?  If I'm understanding correctly, you ran the exact command line that you pasted above from the command line, and it loaded successfully.  But the groups are not coming out the same when run from the toolbar?

You cannot view the SSO settings loaded from the spreadsheet using the Microsoft SSO tools.  You can see the application itself, but not the settings.

Thanks,
Tom

Apr 18, 2012 at 8:22 PM
OK. Well, if I see your problem correctly, you're seeing the SSO import process run. So, the <IncludeSSO>true</IncludeSSO> isn't the problem.
You're able to see the SettingsFileGenerator values go into this command as you change them. So, <PropsFromEnvSettings Include="SsoAppUserGroup;SsoAppAdminGroup" /> probably isn't the issue either. Neither is your settingsfilegenerator.
But, the SSO import process is still complaining about the groups not existing in the target of the deployment. So... I would start looking at Windows security to see if the groups are correct. You're either trying to use a local group to the server, or a domain group. Not knowing which you're trying to do, I don't know if you'll be looking in the AD or in the local computer management.

I hope this helps you get going in the right direction on this.

Chris J Albertson




On Wed, Apr 18, 2012 at 2:01 PM, kiranasokan <notifications@codeplex.com> wrote:

From: kiranasokan

I am kind of stumped here ..I have all those u told already set up..But still the Export to SSO is not working.For some reason its not reading the values correctly when creating the SSO.

just for the heck of it I tried doing this from the the command line, in that case the SSO appliation was created , but the keys were empty

"C:\Program Files (x86)\Deployment Framework for BizTalk\5.0\Framework\DeployTools\SSOSettingsFileImport.exe" "BizTalk Server Project1" /settingsFile:"c:\Projects\BizTalk Server Project1\Deployment\EnvironmentSettings\Exported_LocalSettings.xml" /userGroupName:"ourdomainname\userGroup" /adminGroupName:"ourdomain\AdministratorsGroup"

In my Exported_LocalSettings.xml the below entries were there .So Its correclty parsing the values from the settingsgenerator into the environment specific xml files.

<?xml version="1.0" encoding="utf-8"?>
<!--
  This file was auto-generated by the Environment Settings Spreadsheet to XML Exporter (http://envsettingsmanager.codeplex.com).

  Input File: SettingsFileGenerator.xml
  Created: 4/18/2012 01:28 PM
-->
<settings>
  <!--Environment: Local Development-->
  <property name="SsoAppUserGroup">ourdaminname\userGroup</property>
  <property name="SsoAppAdminGroup">ourdoaminname\admingroup</property>
  <property name="testKey">Key1</property>
</settings>

Read the full discussion online.

To add a post to this discussion, reply to this email (biztalkdeployment@discussions.codeplex.com)

To start a new discussion for this project, email biztalkdeployment@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe or change your settings on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com


Apr 19, 2012 at 7:24 PM

Tom,

For some reason when I use "Update SSO from excel option " its not working, but when I do a full deploy it seems to be storing values in the SSO.

I  have decided not to use the SSO include feature because the values added by  the tool are not  readable by our current  SSO  utility  .net component  that we use currently, we don't want to change that right now because its a uitlity shared by all out BTS interfaces. 

Planning  to manage  SSO as separate a  MS build task with the MSBuildTasks.ImportSSOConfigurationApplicationTask 

Couple of Questions :

1. Does BTDF always remove and add the complete BTS application when there is a deployment.

2. Is there any option to say only to run the MSI with out doing the binding file import .Because I was trying to avoiding the port bindings password from being entered after each deployment which can cause lot of  work for every deployment depending on the ports being used.

 

 

Apr 19, 2012 at 10:51 PM

1. For server deployments yes.  Visual Studio deployments no if you use Quick Deploy.

2. The only built-in way to avoid importing the bindings is to leave them out altogether by setting the property IncludeMessagingBindings to false.

I normally put passwords in the settings spreadsheet and have them merged into the bindings file automatically.  You can choose not to include the settings spreadsheet in the MSI and have your server team keep their own spreadsheet for production that contains passwords.  Would that work for you?

Thanks,
Tom

Apr 20, 2012 at 3:34 PM

Tom,

1.If u leave the IncludeMessageBindings to False, then during a redoplyment of the MSI  will the  uninstall processs remove the application first ? then the binding will be missing in the next deployment ?

2. My understanding was this :

1. Duirng the MSI creating process all the required environment files are generated  using the excel spread sheet

         2.During the installation process you choose the correct environment specific file and the values in that will get sucked into the binding file

Now If we don't include the excel spread sheet, the person deploying maintains it and copies it over a specific folder and then use it..I will try that ..

Apr 20, 2012 at 4:08 PM

1. That's correct.

2. The environment specific XML files are not packaged into the MSI.  They are exported from the Excel workbook on the server.  When SettingsFileGenerator.xml is included in the MSI (by default), then the export happens in ServerDeployWizard.bat immediately after you launch a deploy from the MSI or the Start menu.  Immediately after the export the deploy wizard GUI appears.  If you do not include SettingsFileGenerator.xml in the MSI, then you will need to run the export yourself using <appInstallDir>\Framework\DeployTools\EnvironmentSettingsExporter.exe.

Does that make sense?

Thanks,
Tom