Earlier today, my client asked me to relocate the server responsible for BizTalk 2006 R2 to a different domain. Stupid me, I thought, how hard can it possibly be? WRONG!
Here are the steps I took with which you SHOULD NOT follow:
- 1. Shut down all services gracefully and domain. Restart as required.
- 2. Recreate all appropriate users, groups and rights in the new domain
- 3. Add new user credentials to folder structures and database security
- 4. Change the appropriate services (i.e. host instances, BAM services, SQL, etc) to run as the new users.
- 5. Change all host instances to run using the appropriate new user
- 6. Start SQL
- 7. Start BizTalk services
Step 7 was where the fun began. SSO and BAM started ok for me. But as soon as I tried to start the host instances, SSO freaked out with errors like “… cannot perform
encryption or decryption because the secret is not available from the master
secret server…”
At this point, it would have been helpful if I had backed up the SSO master secret because that file was the key (pun intended) to restoring SSO ability to work under a different user account, and subsequently save me hours of fun reconfiguration BizTalk from scratch.
