Installing BizTalk Server 2013 on Multiple Virtual Machine on Windows Azure

Introduction

This article explains How to install and configure BizTalk Server 2013 VM (Virtual Machine) with SQL Server 2012 VM. Both VM's are present on Windows Azure.

There will be 3 VM on Microsoft Azure.

• 1 Windows Server 2012 for host active directory (Domain Controller)
• 1 VM to Host for BizTalk Server 2013.
• 1 VM to Host for SQL Server 2012.

Prerequisites

A Windows Azure subscription with the Virtual Machines Preview enabled.

Step By Step

In this Step-by-Step guide, you will learn how to:

1. Register a DNS Server in Windows Azure
2. Define a Virtual Network in Windows Azure
3. Deploy a new Windows Server 2012 VM in Windows Azure (Domain Controller)
4. Configure a Windows Server Active Directory Forest in a Windows Azure VM
5. Deploy a new BizTalk Server 2013 VM in Windows Azure.
6. Deploy SQL Server 2012 VM in Windows Azure
7. Create Windows Group and Service Account on Domain Controller.
8. Configure BizTalk Server with SQL Server

Register a DNS Server in Windows Azure

• Give DNS Server Name: CloudIntegrated.
• Give DNS Server IP Address : 10.0.0.4
• Click on Register DNS Server Checkbox.

Create a Virtual Network on Microsoft Azure

Define a common virtual network in Windows Azure for running Active Directory, Database and BizTalk Server virtual machines by performing the following steps

• Select Network Services located on the side navigation panel on portal.
• Click on Virtual Network -> Quick Create.
• Name: CloudIntegratedNetwork
• DNS Server: CloudIntegrated.
• Affinity Group: Affinitygp.
• Click on Create a Virtual Network.

Deploy a new Windows Server 2012 VM in Windows Azure (Domain Controller)

You will create a new Windows Azure VM to run a Windows Server 2012 on the Windows Azure Virtual Network

• Select Virtual Machines located on the side navigation panel on the portal.
• Click on New -> Compute -> Virtual Machine -> From Gallery.

Select Windows Server 2012 Datacenter from the Images List.

Set the VM Configurations as:

• VM Name : BT-AD-Prod01
• User Name : SysAdmin
• Password : ********

• Select Virtual Network created in previous Step
• Click on Arrow Button and then Ok Button.

Configure a Windows Server Active Directory Forest in a Windows Azure VM

Install Windows Server Active Directory.

• Click on add roles and features.

• Click on Next.
• Click on Next

• Click on Active Directory Domain Services check box.

• Click on Add Features.

Deploy a new BizTalk Server 2013 VM in Microsoft Azure

This step will gives you detail how to deploy BizTalk Server 2013 VM

How to add VM to Domain Controller.

• Click on New -> Compute -> Virtual Machine -> From Gallery.

• Give VM Configurations:
  • VM Name: bt-app-prod1
  • New User Name: btprodadmin

• Click on Check box.
• Add this Machine to Domain created in previous step.
• Go to control panel ->System and Security -> Advanced System Settings
• Add Domain:

Deploy  SQL Server 2012 VM in Microsoft Azure

• Give VM Configurations

• Now add the machine to Domain .
• Go to System properties -> Change Domain Name .

Create Windows Group and Service Account on Domain Controller.

Since BizTalk Server 2013 and SQL Server are installed on a separate Virtual machine, the use of a domain user account is therefore a necessity so that the account can have access rights on both the BizTalk machine and the SQL Server machine.

Windows Groups Used In BizTalk Server

The following table lists the Windows groups and their membership used by BizTalk Server. It also identifies the SQL Server Roles or Database Roles for the group.

Group	Group Description	Membership	SQL Server Roles or Database Roles
SSO Administrators	Administrator of the Enterprise Single Sign-On (SSO) service.For more information about SSO accounts, see "How to Specify SSO Administrator and Affiliate Administrators Accounts" at http://go.microsoft.com/fwlink/?LinkID=89383.	Contains service accounts for Enterprise Single Sign-On service. Contains users/groups that need to be able to configure and administer BizTalk Server and SSO service.Contains accounts used to run BizTalk Configuration Manager when configuring SSO master secret server.	db_owner SQL Server Database Role for the SSO. securityadmin SQL Server Role for the SQL Server where SSO is located.
SSO Affiliate Administrators	Administrators of certain SSO affiliate applications. Can create/delete SSO affiliate applications, administer user mappings, and set credentials for affiliate application users.	Contains no service accounts. Contains account used for BizTalk Server Administrators.
BizTalk Server Administrators	Has the fewest privileges necessary to perform administrative tasks. Can deploy solutions, manage applications, and resolve message processing issues. To perform administrative tasks for adapters, receive and send handlers, and receive locations, the BizTalk Server Administrators must be added to the Single Sign-On Affiliate Administrators. For more information, see "Managing BizTalk Server Security" in at http://go.microsoft.com/fwlink/?linkid=110476.	Contains users/groups that need to be able to configure and administer BizTalk Server.	BTS_ADMIN_USERS SQL Server Database Role in the following databases:BizTalkMgmtDb,  BizTalkMsgBoxDb,  BizTalkRuleEngineDb,  BizTalkDTADb,  BAMPrimaryImport.  db_owner SQL Server Database Role for the following databases: BAMStarSchema, BAMPrimaryImport, BAMArchive, BAMAlertsApplication, BAMAlertsNSMain. NSAdmin SQL Server Database Role in the following databases: BAMAlertsApplication, BAMAlertsNSMain. SQL Server Database Role in the following databases: BizTalkDTADb, BizTalkMgmtDb. OLAP Administrators on the computer hosting the BAMAnalysis OLAP database.
BizTalk Server Operators	Has a low privilege role with access only to monitoring and troubleshooting actions.	Contains user/groups that will monitor solutions. Contains no service accounts.	BTS_OPERATORS SQL Server Database Role in the following databases: BizTalkDTADb, BizTalkEDIDb, BizTalkMgmtDb, BizTalkMsgBoxDb, BizTalkRuleEngineDb.
BizTalk Application Users	The default name of the first In-Process BizTalk Host Group created by Configuration Manager. Use one BizTalk Host Group for each In-Process host in your environment. Includes accounts with access to In-Process BizTalk Hosts (hosts processes in BizTalk Server, BTSNTSvc.exe).	Contains service accounts for the BizTalk In-Process host instance in the host that the BizTalk Host Group is designated for.	BTS_HOST_USERS SQL Server Database Role in the following databases:BizTalkMgmtDb, BizTalkMsgBoxDb, BizTalkRuleEngineDb, BizTalkDTADb, BAMPrimaryImport. BAM_EVENT_WRITER SQL Server Database Role in the BAMPrimaryImport.
BizTalk Isolated Host Users	The default name of the first Isolated BizTalk Host Group created by Configuration Manager. Isolated BizTalk hosts not running on BizTalk Server, such as HTTP and SOAP. Use one BizTalk Isolated Host Group for each Isolated Host in your environment.	Contains service accounts for the BizTalk Isolated host instance in the host that the Isolated BizTalk Host Group is designated for.	BTS_HOST_USERS SQL Server Database Role in the following databases: BizTalkMgmtDb, BizTalkMsgBoxDb, BizTalkRuleEngineDb, BizTalkDTADb, BAMPrimaryImport.
EDI Subsystem Users	Has access to the EDI database.	Contains service accounts for BizTalk Base EDI service.	EDI_ADMIN_USERS SQL Server Database Role in the BizTalkEDIDb.
BAM Portal Users	Has access to BAM Portal Web site.	Everyone group is used for this role by default.Contains no service accounts.
BizTalk SharePoint Adapter Enabled Hosts	Has access to Windows SharePoint Services Adapter Web Service.	Contains service accounts for the BizTalk host instance to be able to call SharePoint Adapter.

 

User and Service Accounts Used In BizTalk Server

The following table lists the Windows user or service accounts and group affiliations used by BizTalk Server. It also identifies the SQL Server Roles or Database Roles for the accounts.

User	User Description	Group Affiliation	SQL Server Roles or Database Roles
Enterprise Single Sign-On Service	Service account used to run Enterprise Single Sign-On Service, which accesses the SSO database.	SSO Administrators
BizTalk Host Instance Account	Service account used to run BizTalk In-Process host instance (BTNTSVC).	BizTalk Application Users
BizTalk Isolated Host Instance Account	Service account used to run BizTalk Isolated host instance (HTTP/SOAP).	BizTalk Isolated Host UsersIIS_WPG
Rule Engine Update Service	Service account used to run Rule Engine Update Service, which receives notifications to deployment/undeployment policies from the Rule engine database.		RE_HOST_USERS SQL Server Database Role in the BizTalkRuleEngineDb.
BizTalk Base EDI service	Service account used to run BizTalk Base EDI service, which processes EDI documentations. Important The Base EDI adapter was deprecated in BizTalk Server 2006 R2. The Base EDI adapter can be used in upgrade scenarios, but for new installations of BizTalk Server, use the native EDI and AS2 functionality.	EDI Subsystem Users In-Process BizTalk Host Groups hosting the Base EDI adapter.
BAM Notification Services User	Service account used to run BAM Notification Services, which accesses the BAM databases.	SQLServer2005Notification ServicesUser$ <ComputerName>	NSRunService SQL Server Database Role in the following databases: BAMAlertsApplication, BAMAlertsNSMain.  BAM_ManagementNSReader SQL Server role for the BAMPrimaryImport.
BAM Management Web Service User	User account for BAM Management Web service (BAMManagementService) to access various BAM resources. BAM Portal calls BAMManagementService with the user credentials logged on the BAM Portal to manage alerts, get BAM definition XML and BAM views.	IIS_WPG	NSSubscriberAdmin SQL Server Database Role in the following databases: BAMAlertsApplication, BAMAlertsNSMain. BAM_ManagementWS SQL Server role for the BAMPrimaryImport.
BAM Application Pool Account	Application pool account for BAMAppPool, which hosts BAM Portal Web site.	IIS_WPG
BizTalk Administrator btprodadmin	User need to be able to configure and administer BizTalk Server.	BizTalk Server Administrators

Configure BizTalk Server 2013 with SQL Server 2012

To configure BizTalk Server 2013, click Start, click All Programs, click Microsoft BizTalk Server 2013, right-click BizTalk Server Configuration, and then click Run as Administrator.

Because this is a multi-Computer BizTalk Server installation, we cannot use a “Basic Configuration” option. You must select “Custom configuration” option

• Set DataBase Server Name : bt-db-prod1
• Set User Name : Contoso\btprodadmin
• Click on Configure.
• On Enterprise SSO tab, create a new SSO System and place the following configurations
• On Enterprise SSO Secret Backup tab, set a secret backup password, password reminder and the location of the SSO backup file
• On BizTalk Runtime tab, create a new In-Process and Isolate Host and Instance with the following configurations
• Windows Service:
  • BizTalk Host Instances Account: contoso\BTSAppHost
  • BizTalk Isolated Host Instances Account: contoso\BTSIsolatedHost
• Windows Group:
  • BizTalk Host User Group: contoso\BizTalk Application Users
  • BizTalk Isolated Host User Group: contoso\BizTalk Isolated Host Users
• On BAM Tools tab, Enable Analysis Services for BAM aggregations and place the following configurations
• On BAM Portal tab, place the following configurations
• Windows Service :
  • BAM Management Web Service user : contoso\BamWebService
  • BAM Application Pool Account : contoso\Bamapp
• Windows Group :
  • Bam Portal Users : Everyone
• On BizTalk EDI/AS2 Runtime tab, enable all features
• Click “Apply Configurations”
• On the Summary screen, review the configuration about to be performed, and then click Next.
• On the Completion screen, click Finish.

See Also

Another important place to find an extensive amount of BizTalk related articles is the TechNet Wiki itself is the Technet Wiki article BizTalk Server Resources on the TechNet Wiki.