- 09 Sep 2024
- 12 Minutes to read
- Print
- DarkLight
- PDF
Prerequisites
- Updated on 09 Sep 2024
- 12 Minutes to read
- Print
- DarkLight
- PDF
This section describes which prerequisites should be met to be able to install and work with BizTalk360. This consists of the following parts:
What versions of BizTalk Server are supported by BizTalk360
What are the prerequisites for a smooth installation of BizTalk360
BizTalk360 Database and Memory Requirements
How to enable SSL / HTTPS
Firewall Ports and protocols required for BizTalk360
Enable MSDTC for BizTalk360 Stand-Alone (separate) server configuration
BizTalk360 supported browser versions
What happens when you don't provide Admin permissions to the BizTalk360 service account
What versions of BizTalk Server are supported by BizTalk360
BizTalk360 supports the following versions of BizTalk Server:
Microsoft BizTalk Server 2009
Microsoft BizTalk Server 2010
Microsoft BizTalk Server 2013
Microsoft BizTalk Server 2013 R2
Microsoft BizTalk Server 2016 (including Feature Packs)
Microsoft BizTalk Server 2020
What are the prerequisites for a smooth installation of BizTalk360
For a successful installation of BizTalk360, it is important to check whether your environment meets the following prerequisite condition for installing each features individually and altogether. Below are the required prerequisite for the features in specific.
Prerequisties of Stand Alone BizTalk360 Server
Install the same version of BizTalk Server components in the stand alone BizTalk360 Server.
Database Feature:
Supported OS (Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows 8, Windows 8.1, and Windows 10)
User should have admin rights (Run MSI from Admin command prompt).
Monitoring and Analytics Services:
Supported OS (Windows 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 8, 8.1,10)
User should have admin rights (Run MSI from Admin command prompt).
Minimum .NET version 4.6.1 is required to BizTalk360 from version 9.1 for smooth functioning of Azure services
Supported BizTalk Servers (2009, 2010, 2013, 2013 R2, 2016, 2020).
Website:
Supported OS (Windows 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 8, 8.1,10)
User should have admin rights (Run MSI from Admin command prompt).
Minimum .NET version 4.6.1 is required to BizTalk360 from version 9.1 for smooth functioning of Azure services.
Supported BizTalk Servers (2009, 2010, 2013, 2013 R2, 2016, 2020).
ASP.NET Registered
URL Rewrite must be installed - BizTalk360 has upgraded from knockout JS to Angular, and users must have installed URL Rewrite extension in the environment.
BizTalk Admin components
IIS Server availability (Version 7.0 and above)
Windows Authentication component for IIS (7.0 and above)
Common Requirement:
SQL Server (any version including express is supported)
Make sure the user is able to connect to SQL server instance and database from the server where BizTalk360 is to be installed
Hardware Requirements
The following table shows the hardware requirements that need to be available to install BizTalk360.
Resource | Requirements |
---|---|
Computer and Processor | A computer with an Intel Core-compatible CPU that is 2 GHz or higher core processors. The 64-bit versions of BizTalk Server require a 64-bit operating system running on an x64 based system. Computers based on CPUs that are compatible with the AMD64 (x86-64) and Extended Memory 64-bit Technology (EM64T) processor architecture are considered x64 based systems. Hyper-Threading and Dual-Core processors are supported. |
Memory | 16 GB or higher |
Hard Disk (Database) | Minimum 40 GB of available hard-disk space for a complete installation including the operating system and all prerequisite software. The hard disk must be NTFS formatted. |
Note: Please refer to this article when you are having more than one BizTalk Group in a BizTalk360 Instance.
Software Requirements
The following table lists the software required for installing and running BizTalk360.
Software requirement | supported versions |
---|---|
Operating System | Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, and Windows 10 |
Microsoft .NET Framework | Minimum requirement of Microsoft .NET Framework version 4.6.1 is recommended for BizTalk360 version 10.0 and above for smooth functioning of Azure services |
BizTalk Servers | Microsoft BizTalk Server 2009, Microsoft BizTalk Server 2010, Microsoft BizTalk Server 2013, Microsoft BizTalk Server 2013 R2, Microsoft BizTalk Server 2016, Microsoft BizTalk Server 2020 |
Internet Information Services (IIS) | IIS 7.0 and above |
URL Rewrite Extension | URL Rewrite Extension from v2.0 and above. It can be downloaded from here https://www.iis.net/downloads/microsoft/url-rewrite |
Microsoft SQL Servers | Microsoft SQL Server 2008 onwards (Express Edition is also supported) |
General | Administrative rights for the Service account |
The BizTalk360 MSI Installer is automated to the extent of being able to detect the prerequisite connections. It will not allow you to continue further if any missing components are detected. If any errors are highlighted, you need to stop the installation process, correct the highlighted error, and then rerun the installer.
Additional Prerequisites
In addition to ensuring the above prerequisite conditions, you need to ensure the following:
Create a Service Account for BizTalk360
You need to create a service account for BizTalk360 to run the IIS Application pool and Monitoring/Analytics service. You can create a new Windows account for the service account (say, svcBizTalk360). Once you have created the service account, you need to add it to the following NT groups:
Local Administrators Group, this access is required on:
All BizTalk Servers from the licensed BizTalk360 group
The SQL server(s) which contain(s) the BizTalk databases
In case BizTalk360 is installed on a separate server(s)
The server(s) on which BizTalk360 is installed
BizTalk Server Administrators Group
BizTalk Server Operators Group
BizTalk Application Users Group
BizTalk Isolated Host Users Group
SSO Administrators Group
IIS_IUSRS group
Note: You also need to make sure you make these settings across the multiple environments where you install BizTalk360. You also need to provide SQL Server SYSADMIN access to the service account. Read this to know more about the necessity to give SYSADMIN access.
Important: Please make sure that you log in to BizTalk360 server with the service account and proceed with the new installation or upgrade. This is to ensure that all permissions are in place and that you are able to log in to BizTalk360 without any issues.
To add, view, or manage users and groups, you need to follow the below steps (From Windows 2012 server):
Navigate to 'Computer Management' in the Windows Metro UI view
In the tree view, expand the 'System Tools' and 'Local Users and Groups' option
Post Installation Requirements
Grant access to BTS_ADMIN_USERS SQL Role in the BizTalk Management Database
To grant access to 'BTS_ADMIN_USERS_SQL' role (on Windows 2012 server and later version),
Navigate to 'SQL Server Management Studio' in the Windows Metro UI view
In the Object Explorer panel, connect to SQL Server Instance and expand the tree view on the left side. Expand the SQL Server and 'Databases' and click 'BizTalkMgmtDb' database.
Right-click on the BizTalkMgmtDb database and select the 'New Query' option.
Copy and paste the following values and click 'Execute' to execute the query
GRANT SELECT ON dbo.adm_OtherDatabases TO BTS_ADMIN_USERS; GRANT SELECT ON dbo.adm_Server2HostMapping TO BTS_ADMIN_USERS; GRANT SELECT ON dbo.adm_ServiceClass TO BTS_ADMIN_USERS; GRANT SELECT ON dbo.BizTalkDbVersion TO BTS_ADMIN_USERS; GRANT SELECT ON dbo.adm_BackupHistory TO BTS_ADMIN_USERS;
In addition to the above, it is required to provide "SQLAgentOperatorRole" for the BizTalk360 service account as shown below in order to monitor SQL Jobs in BizTalk SQL Instances.
Microsoft SQL Server Authentication Modes
The SQL Server database engine has two types of authentication modes — Windows authentication mode and SQL Server and Windows Authentication mode (mixed mode). BizTalk360 supports both SQL authentication modes to connect to the SQL Server, however BizTalk360, by default, uses SQL Server and Windows authentication mode (mixed) mode.
If in case the SQL server is configured for Windows Authentication mode, you will see an error when you launch the application for the first time:
Default BizTalk360 installation creates and uses a SQL server for authentication
Make sure either both Windows and SQL authentication is enabled on the SQL instance, where BizTalk360 database is hosted, or Change the config files (web.config and monitoring service.config) to use Windows Authentication.
If you still want to use Windows Authentication mode, you need to make changes to BizTalk360ConnectionString in the web.config in the BizTalk360 Web Installation folder:
You will find the Web.config file in the BizTalk360 Web Installation folder (C:\Program Files (x86)\Kovai Ltd\BizTalk360\Web)
To use Windows authentication mode, change the above connection strings by uncommenting (removing ) the first line and commenting the second line (adding )
In addition to making the changes to BizTalk360ConnectionString in web.config file, you need to make the changes in BizTalk360.monitor.exe.config file in the BizTalk360 Service Installation folder. To change the security SQL server authentication mode:
In SQL Server Management Studio Object Explorer, right-click the server, and then click Properties
On the Security page, under Server authentication, select the new server authentication mode, and then click OK
In the SQL Server Management Studio dialogue box, click OK to acknowledge the requirement to restart the SQL Server
In Object Explorer, right-click your server, and then click Restart. If SQL Server Agent is running, it must also be restarted, Post BizTalk360 installation, a user profile has to be created for the Service account with Super User access privileges. Only then, BizTalk360 can perform operation automation capabilities (such as Resume/Suspend/Terminate) in the Message Box data monitor.
Minimum permissions at the database level
It’s recommended to provide SYSAdmin permission for the BizTalk databases to the BizTalk360 service account. But for some of the organizations due to internal policy, it is restricted to provide SYSAdmin. Hence in such cases, you can provide the minimum permission as per the above article suggested. As an overview of the above recommendations, here is the matrix that you can follow
Database | VIEW DATABASE STATE | BTS_ADMIN_USERS | BTS_HOST_USERS | BAM_CONFIG_READER | db_datareader | db_owner | SQLAgentOperatorRole |
BizTalkMsgBoxDb | Yes | Yes | Yes | Not Available | Yes |
|
|
BizTalkMgmtDb | Yes | Yes | Yes | Yes | Yes |
|
|
BizTalkRuleEngineDb | Yes | Yes | Yes | Not Available | Yes |
|
|
SSODB | Yes | Not Available | Not Available | Not Available | Yes |
|
|
BizTalkDTADb | Yes | Yes | Yes | Not Available | Yes |
|
|
BAMPrimaryImport | Yes | Yes | Yes | Not Available | Yes |
|
|
EsbItineraryDb | Yes | Not Available | Not Available | Not Available | Yes |
|
|
EsbExceptionDb | Yes | Not Available | Not Available | Not Available | Yes |
|
|
BAMArchive | Yes | Yes | Yes | Not Available | Yes |
|
|
BizTalk360 |
|
|
|
|
| Yes |
|
msdb |
|
|
|
|
|
| Yes |
BizTalk360 Database And Memory Requirements
Database Requirements
We recommend you start off by provisioning 10 GB for this purpose. The reason for this is that there are 2 features in BizTalk360 - Advanced Event Viewer and Throttling Analyzer that will cause the database to grow in size since they collect the data and persist the information. If the purge policy in BizTalk360 is set to the default values and you do not have too many hosts and host instances, then a database size of 10 GB should be sufficient.
Memory Requirements
If you are installing BizTalk360 on a standalone server, we recommend you to have a memory of 16 GB or higher to serve the purpose.
How To Enable SSL / HTTPS
Steps To Enable SSL / HTTPS For BizTalk360
In order to deploy BizTalk360 on HTTPS, your IIS must be enabled for HTTPS/SSL. The below links explain how to set up SSL on IIS 7. Please consult your IIS administrator before changing anything in your IIS as it may affect other critical sites running on that IIS.
IIS 7: https://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis
Once you have selected the desired features for installation, navigate to the IIS and Service Account setup screen. Here, choose the HTTPS website where you wish to install BizTalk360 from the dropdown menu labeled "Select Website." After making this selection, proceed with the installation process.
Firewall Ports And Protocols Required for BizTalk360
BizTalk360 requires the same configuration as BizTalk Server Administration. For a complete list of ports utilized by BizTalk Server as admin server, please use the below link:
https://docs.microsoft.com/en-us/biztalk/core/ports-for-the-administration-server
Basically, you need to have SQL, WMI, DTC, IIS destination services configured.
Enable MSDTC For BizTalk360 Stand-Alone (Separate) Server Configuration
Configuring MSDTC is key in multi-server BizTalk server environment configuration. Typically the following procedure should be followed in all BizTalk servers in a multi-server environment. When you are installing BizTalk360 on a stand-alone (separate) server, you need to follow the exact procedures, since the underlying admin APIs will rely on MSDTC.
To enable MSDTC on Windows Server 2008 and above:
Click Start, click Run, type dcomcnfg and then click OK to open Component Services
In the console tree, click to expand Component Services, click to expand Computers, click to expand My Computer, and click to expand Distributed Transaction Coordinator
Right-click Local DTC, and click Properties to display the Local DTC Properties dialog box
Click the Security tab
In the Security Settings section, click Network DTC Access
In the Client and Administration section, select Allow Remote Clients and Allow Remote Administration
In the Transaction Manager Communication section, select Allow Inbound and Allow Outbound
In the Transaction Manager Communication section, select Mutual Authentication Required (if all remote machines are running Windows Server 2003 SP1 or Windows XP SP2 or higher), select Incoming Caller Authentication Required (if running MSDTC in a cluster), or select No Authentication Required if some of the remote machines are pre-Windows Server 2003 SP1 or pre-Windows XP SP2. No Authentication Required is the recommended selection
Select Enable XA Transactions, and then click OK
If you experience any MSDTC issues, you can use DTCPing.exe to validate the connection between the BizTalk360 server and server in the remote BizTalk environment. To obtain the DTCPing.exe tool, see https://go.microsoft.com/fwlink/?LinkId=72166.
BizTalk360 Supported Browser Versions
We have tested BizTalk360 against the following browser versions. We also support other browser versions with the best effort.
Google Chrome - 91.0.4472.106 and later
Firefox - 88.0.1 and later
Microsoft Edge - 91.0.864.48 and later
What happens when you don't provide Admin permissions to the BizTalk360 service account
The service account will have powerful access, but all other users who access BizTalk360 will have very limited access, they don't even need to belong to any BizTalk groups, BizTalk360 abstracts all the security requirements.
BizTalk360 service account user without Local (Windows) Admin permission
BizTalk360 installation will not be proceeded using the service account user privileges. Service account should have local (Windows) admin privileges in all the servers (BizTalk Server, SQL Server).
Considerations while installing BizTalk360: Login to the machine with the service account which has Local Admin privileges. Open a command prompt with Admin privileges and navigate to the downloaded BizTalk360.msi file to proceed with the installation
Note: If the BizTalk360 installation is started with no admin privileges it will encounter the runtime access issue
If the service account is not been provided with the local admin privilege, the following functionalities will not work as expected:
In the Advanced Event Viewer, only the installed machine details were fetched
BizTalk Server and SQL server system-related details will not be displayed under Operations, BizTalk360 UI -> Operations -> Infrastructure Settings -> BizTalk Services/SQL Services. It will just spin for a long time
BizTalk Server and SQL server system related details will not be displayed and exceptions will be thrown under BizTalk360 UI -> Monitoring -> Manage Mapping -> BizTalk Servers / SQL Servers.
File monitoring will become “Orphaned” if you configure.
Analytics will work partially; for some of the counters, details are fetched from the database directly; another system-related information like CPU, Available Memory will not be shown as it requires elevated permissions.
BizTalk360 service account user without SYSADMIN permission
When the BizTalk360 service account (domain user account) doesn’t have SYSADMIN privileges on the BizTalk360 Database, you will not able to open the BizTalk360 web page, it will throw a login failed exception.
To solve this, the user must be provided "db_owner" permission or SYSADMIN access in the BizTalk360 Database security.
When the BizTalk360 service account (domain user account) doesn’t have Sysadmin privileges on the BizTalk Database (BizTalkMgmtDb), you might face the below exception during the activation of the license.
BizTalk360 makes a direct query to some of the BizTalk databases for performance reasons. For that, you need to provide SELECT/EXECUTE permission for the BizTalk360 service account. Hence, assigning SQLAgentOperatorRole for the service account would be sufficient here.
Adapter Pack
When you attempt to enable/disable a receive location that uses the WCF-SQL adapter, or when you attempt to start/stop a send port, you may experience this error "Failed to create 'WCF-SQL' Transport Component".
Once after installing BizTalk360, install the BizTalk Server Enterprise Adapter Pack in the server where BizTalk360 is installed.
If you are using any 3rd party adapters like NSoftware, you have to install the NSoftware Adapter Pack as well on the server where BizTalk360 is installed.
Our recommendation
Some of our customers hesitate to provide higher-level permissions like Local Admin and System Admin due to security reasons. So we recommend creating a separate account for the BizTalk360 service and provide all the necessary permissions to isolate the credentials.