We have an existing BizTalk 2006 server with a separate SQL Server 2005 repository on another machine. We’re using AD domain groups to manage security access. We needed to CHANGE the AD groups that we were using for the BizTalk Server Administrators
and the BizTalk Server Operators. There appears to be no way to change this from the BizTalk Administration Console nor from the BizTalk Configuration utility.
I noticed that the groups that are displayed on the BizTalk Administation Console are derived from the adm_Group table. I changed this value but it did not have the desired effect. It looks like the value in this table is used for display purposes
The only way I was able to achieve my goal was to mess around with “Logins” within SQL Server. Firstly, I tried to rename the existing Login to the name of the new group that we’d created in Active Directory but that was not possible because
the Login is tied to a SID. Instead, I had to create new Logins (selecting Windows Authentication and the appropriate AD group) and make sure the “Server Roles” and “User Mappings” were the same as those defined for the existing BizTalk
Server Admins group. Then I had to Deny (or Delete) the Logins for the old groups.
Is this the correct way to change the Windows groups used to manage BizTalk Administrators and Operators? Ideally, I would like to know other people’s experience before proceeding to do this on our Production environment!
Hi Wilson, This could be of interest.http://msdn.microsoft.com/en-us/library/aa577661(BTS.70).aspx /
Hi,Another approach would be to unconfigure the BizTalk group, but that is not something you want to do because you will lose the databases. Basically you will go a vanilla state of BizTalk Server and then configure it from the start. You will need to go for
Hi Steef-Jan,You’re right. I did not go down the unconfigure route because I did not want to lose all the application settings etc and have to start all over again.The approach I took does work. As far as the BizTalk Admin Console is concerned, everything behaves normally. I made sure the server was not actively being used so I don’t know for sure if it would have affected running applications. I