biztalk运行时配置期间无法访问SSO数据库 [英] Could not access the SSO database During biztalk runtime Configuration

问题描述

我正在尝试测试将BizTalk SQL Server从一台服务器迁移到另一台服务器的迁移.这是详细信息.

当前，它们全都位于开发环境中的一台服务器上，而BizTalk SQL，SSO和BizTalk运行时全部都在一台服务器上.这是带有SQL Server 2008 R2的Windows 2008 R2服务器.

我要做的是将SSO主密钥服务器和BizTalk数据库拆分到Windows Server 2012/SQL Server 2012安装程序中.到目前为止，我已经在新的SQL Server上完成了SSO的所有设置.我仅在该服务器上配置了SSO部分，一切运行良好.

然后我取消配置现有的BizTalk Runtime，然后在配置过程中使用新的Windows/SQL Server/SSO重新进行配置.

一切顺利进行到尝试配置BizTalk运行时的程度.话虽如此，所有数据库，SSODB，BizTalkMessageBoxDb均已创建.但是在配置BizTalk Runtime时，它会挂起一段时间，并且在服务器的两个日志中都会显示以下几个错误:

Could not access the SSO database. If this condition persists, the SSO service will go offline.
Timeout expired.  The timeout period elapsed prior to completion of the operation or the server is not responding..
SQL Error code: 0xFFFFFFFE

它首先显示在SQL/SSO服务器日志中，然后在几秒钟后显示在运行时服务器中.最终，配置超时并失败.我认为这与权限相关，但我似乎无法弄清楚它的含义.

问题:

• 我需要查看哪些权限?
• 新服务器是Windows 2012/SQL 2012而运行时服务器是Windows 2008是一个问题吗?
• 有什么办法可以获取有关此错误的更多详细信息?

编辑以添加DTCPing和DTCTester通行证，并且可以从服务器通过SSMS通过SQL连接到SQL.为了消除这种情况，防火墙目前已被完全禁用.

解决方案

在第一个环境中如何配置您的服务帐户?通常，可以通过使用该服务器上的本地帐户来完成将所有内容都集成在一个设备上的单个DEV环境.如果现在将SSO拆分到另一台服务器上(无论是W2K12而不是W2K8都没关系)，则必须将BizTalk的服务帐户和组切换为域帐户.

在多计算机环境中，BizTalk Server仅支持域组和域服务帐户.域组包括本地域"组(不推荐)，全局"组和通用"组.如果要在多计算机环境中配置BTS，则不支持诸如NT AUTHORITY \ LOCAL服务，NT AUTHORITY \ NETWORK服务，NT AUTHORITY \ SERVICE，NT AUTHORITY \ SYSTEM和Everyone之类的内置帐户.

确保您的SSO作为域帐户运行，并且是SSO管理员域组的成员-并确保为SQL Server上的SSO系统(而不是本地帐户)配置了该域帐户/组组合:/p>

在您从BizTalk Server加入的SSO系统之后，在BizTalk Server上配置运行时之前，通常需要为SSO配置相同的域服务帐户:

I'm trying to test a migration of moving a BizTalk SQL Server from one server to another. Here are the details.

Currently it was all on a single server in a dev environment, BizTalk SQL, SSO and BizTalk runtime all on one server. It is a Windows 2008 R2 server with SQL Server 2008 R2.

What I want to do is split out the SSO Master secret server and BizTalk databases to a Windows Server 2012/SQL Server 2012 setup. So far I got SSO all setup on the new SQL server. I configured just the SSO portion on that server and all went well.

I then unconfigured the existing BizTalk Runtime and then went to configure again, using the new Windows/SQL Server/SSO in the configuration process.

All goes well up to the point where it tries to configure the BizTalk runtime. That being said all the database are created, SSODB, BizTalkMessageBoxDb, all of them. But when it goes to configure BizTalk Runtime, it hangs for a while and several of the following errors show up in both of the Server's logs:

Could not access the SSO database. If this condition persists, the SSO service will go offline.
Timeout expired.  The timeout period elapsed prior to completion of the operation or the server is not responding..
SQL Error code: 0xFFFFFFFE

It shows up in the SQL/SSO servers logs first, then the Runtime server a few seconds later. Eventually the configuration times out and fails. I believe it's permissions related, but I can't seem to figure out what it would be.

Questions:

• what permissions do I need to review?
• would the fact that the new server is Windows 2012/SQL 2012 while the runtime server is Windows 2008 be an issue?
• is there any way I can get more details on this error?

Edit to add both DTCPing and DTCTester pass with flying colours and I can connect to SQL via SSMS from the server. Firewall has been completely disabled for now in order to eliminate that as well.

解决方案

How were your service accounts configured in the first environment? Typically a single DEV environment with everything on one box can be done by using a local account on that server. If you now split out your SSO onto another server (it doesn't matter if it's W2K12 instead of W2K8), you are going to have to switch your service account(s) and groups for BizTalk to Domain accounts.

In a multicomputer environment, BizTalk Server supports only domain groups and domain service accounts. Domain groups include Domain Local groups (not recommended), Global groups, and Universal groups. Built-in accounts such as NT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\SERVICE, NT AUTHORITY\SYSTEM, and Everyone are not supported if you want to configure BTS in a multicomputer environment.

Make sure your SSO is running as a domain account, and a member of an SSO Administrators domain group - and ensure this domain account/group combo is configured for the SSO system on the SQL server (instead of local accounts):

After that the SSO system you join from the BizTalk Server before configuring the runtime on BizTalk Server usually needs to be configured with the same domain service account for SSO:

这篇关于biztalk运行时配置期间无法访问SSO数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！