locked
Are Managed Service Accounts Supported in BizTalk? RRS feed

  • Question

  • Hello,

    Does BizTalk Server support the use of Managed Service Accounts for running host instances? Please see: http://technet.microsoft.com/en-us/library/dd560633(v=ws.10).aspx

    Thank You,

    PBR



    • Edited by Paul B-R Tuesday, February 11, 2014 3:13 AM
    Tuesday, February 11, 2014 1:19 AM

Answers

  • From http://technet.microsoft.com/en-us/library/dd548356.aspx

    I got the following statement.

    Quote ------

    In Windows Server 2008 R2 and Windows 7, one managed service account can be used for services on a single computer. Managed service accounts cannot be shared between multiple computers and cannot be used in server clusters where a service is replicated on multiple cluster nodes.

    End Quote ------

    So NO, I'd say Managed Account are RULED OUT for purposes of BizTalk Server Deployment.

    Regards.

    • Marked as answer by Angie Xu Monday, February 17, 2014 1:50 AM
    Tuesday, February 11, 2014 4:31 AM

All replies

  • From http://technet.microsoft.com/en-us/library/dd548356.aspx

    I got the following statement.

    Quote ------

    In Windows Server 2008 R2 and Windows 7, one managed service account can be used for services on a single computer. Managed service accounts cannot be shared between multiple computers and cannot be used in server clusters where a service is replicated on multiple cluster nodes.

    End Quote ------

    So NO, I'd say Managed Account are RULED OUT for purposes of BizTalk Server Deployment.

    Regards.

    • Marked as answer by Angie Xu Monday, February 17, 2014 1:50 AM
    Tuesday, February 11, 2014 4:31 AM
  • I would not say complete No. Its yes and no.

    Yes- You can use MSA on a single server quick (quick in terms of building an environment for test/dev) test BizTalk environment/dev. Is it a good practice to use MSA ? then its no.

    Strict No: For multi-computer environment or in cluster, obviously you can't use MSA. Its also one of the limitations of MSA that it can't span multiple computers.

    but there is no official word from BizTalk (at least I can't find one) to say not to use it in BizTalk. Its not advisable to use MSA in BizTalk, but you can in single-server dev./test environment technically.


    If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply.

    Tuesday, February 11, 2014 12:24 PM
  • I'll vote NO as well.

    While the Services might run fine with a MSA, I think the auto password sync would be a problem for SSO which uses the password (well, not the actual pw) as part of the encryption algorithm.

    Tuesday, February 11, 2014 1:49 PM
    Moderator