Recently I came across a requirement to move the master secret to a separate cluster where one of the BizTalk servers is presently acting as the master secret server. Most of the articles available on the internet talk about creating a new ENTSSO environment, which compelled me to create a step-by-step guide to achieve this requirement.
Current environment setup:

BTSNODE1 and BTSNODE2 are the existing BizTalk nodes in the environment.
Let's call the new clustered nodes Node1 and Node2.
Currently BTSNODE1 is the master secret server in this BizTalk group.
Steps to be done before the downtime window (assuming that the Windows nodes are clustered):
Steps to be performed during downtime

18. To update the master secret server name in the SSO database

Type the following commands from a command prompt on the active cluster node to stop and restart the Enterprise SSO service:

    net stop ENTSSO
    net start ENTSSO

Change the master secret server name in the SSO database to the cluster name by following these steps:

The cluster name is the name defined for the network name resource that you have created in the cluster group / clustered service or application that will contain the clustered Enterprise SSO service. For example, the name may be BIZTALKCLUSTER. BIZTALKCLUSTER is a placeholder for the actual network name resource that is created in the cluster group / clustered service or application.

Paste the following code in a text editor:

    <sso>
      <globalInfo>
        <secretServer>BIZTALKCLUSTER</secretServer>
      </globalInfo>
    </sso>
Save the file as an .xml file. For example, save the file as SSOCLUSTER.xml.

19. At a command prompt, change to the Enterprise SSO installation folder. By default, the installation folder is <drive>:\Program Files\Common Files\Enterprise Single Sign-On. Type the following command at the command prompt to update the master secret server name in the database:

    ssomanage -updatedb SSOCLUSTER.xml
20. Restore the master secret on the active node: From an elevated command prompt, go to the Enterprise Single Sign-On installation directory. The default installation directory is <drive>:\Program Files\Common Files\Enterprise Single Sign-On. Type the following command, where <restore file> is the path and name of the file where the master secret is stored:

    ssoconfig -restoreSecret <restore file>
21. Fail over the cluster and perform step 20 on the current active node.

22. Fail over the cluster resource to make sure the service is coming online on both the servers.

23. Restart the ENTSSO service on BTSNODE1 and BTSNODE2.

24. From BTSNODE1 and BTSNODE2, make sure we are able to create a receive port and send port successfully. If yes, we are good.
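Steps 18 and 19 as a PowerShell script with a verification step before the secret is restored; this is an added example, not part of the original post. The parameter names, the host-name pattern, the exit-code check and the use of ssomanage -displaydb to confirm the change are assumptions.

```powershell
# Added example (not from the original post). Run elevated on the active cluster node.
param(
    [Parameter(Mandatory = $true)]
    [string] $ClusterName,   # network name resource of the SSO cluster group, e.g. BIZTALKCLUSTER
    [string] $SsoDir  = (Join-Path $env:CommonProgramFiles 'Enterprise Single Sign-On'),
    [string] $XmlPath = (Join-Path $env:TEMP 'SSOCLUSTER.xml')
)
$ErrorActionPreference = 'Stop'

# Assumption: the network name is a plain host name. Reject anything else
# before it is written into the SSO database.
if ($ClusterName -notmatch '^[A-Za-z0-9][A-Za-z0-9.-]*$') {
    throw "Unexpected cluster network name: '$ClusterName'"
}

$ssomanage = Join-Path $SsoDir 'ssomanage.exe'
if (-not (Test-Path $ssomanage)) { throw "ssomanage.exe not found in '$SsoDir'" }

# Build the same <sso><globalInfo><secretServer> document as in step 18,
# using the XML API so the file is always well-formed.
$doc    = New-Object System.Xml.XmlDocument
$sso    = $doc.AppendChild($doc.CreateElement('sso'))
$info   = $sso.AppendChild($doc.CreateElement('globalInfo'))
$server = $info.AppendChild($doc.CreateElement('secretServer'))
$server.InnerText = $ClusterName
$doc.Save($XmlPath)

# Keep a record of the settings before the change.
& $ssomanage -displaydb | Out-File (Join-Path $env:TEMP 'sso-displaydb-before.txt')

# Step 19: point the SSO database at the clustered master secret server.
& $ssomanage -updatedb $XmlPath
# Assumption: ssomanage signals failure with a non-zero exit code.
if ($LASTEXITCODE -ne 0) { throw "ssomanage -updatedb exited with code $LASTEXITCODE" }

# Verify: the settings reported by the database should now name the cluster.
$after = & $ssomanage -displaydb
$after
if (-not ($after | Select-String -SimpleMatch $ClusterName)) {
    throw "'$ClusterName' not found in ssomanage -displaydb output; check before continuing with step 20."
}
```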
Hope this helps!!!
Written by Jainath Ramanathan
Reviewed by Chirag Pavecha
Microsoft India GTSC