In a Dev environment, I'm try to install BizTalk on windows 7 with local accounts. The PC is not part of a domain. The install goes fine, and I've followed the msdn documentation for BizTalk on windows 7. SSO is the first thing that fails when I try and run the BizTalk configuration utility.
It created the SSODB database, built the tables, etc. but the SSO configuration failed. I see errors in the event log like:
SSO AUDIT
Function: GetApplications2
Tracking ID: a9b83ad5-1f05-407f-9d0b-63b4e4acd7d5
Client Computer: VM-BizTalk (mmc.exe:3572)
Client User: VM-BizTalk\Jeremy
Application Name: -
Error Code: 0xC0002A02, The SSO system is currently disabled.
The SSO service is running under a local account. This is not recommended and will limit the functionality of SSO. See your documentation for details.
SSO Service Account: VM-BizTalk
Access denied. The client user must be a member of one of the following accounts to perform this function.
SSO Administrators: SSO Administrators
SSO Affiliate Administrators: -
Application Administrators: -
Application Users: -
Additional Data: VM-BizTalk\Jeremy
Secret server access denied.
Client User: VM-BizTalk\Jeremy
Both the sso service account and my account are part of the SSO administrators group (local accounts and groups).
Well, I did a little more digging, and found an additional error in the BizTalk Configuration log file:
Failed to generate and backup the master secret to file: C:\Program Files\Common Files\Enterprise Single Sign-On\SSO0FAB.bak (SSO) Additional Information (0x80070005) Access is Denied.
Searching this error I discovered a blog entry:
http://blogical.se/blogs/mikael_sand/archive/2009/10/01/failed-to-create-the-master-secret-file-why-do-these-things-always-happen-to-me.aspx?CommentPosted=true#commentmessage
Which advises this solution:
I did the above steps. Additionaly, after step 2 I re-ran the BizTalk install, chose repair, then went through the install process which took me though the configuration steps and finally a successful configuration!