How to Configure the BAM Portal to Work on an NLB Cluster
The BAM portal can be configured to work in a network load balancing (NLB) cluster.
-
Install and configure the portal on the first computer.
Note You only configure the portal on the first computer. You have the option of enabling the BAM portal on other the other computers in the cluster, but the configuration is done only on the first computer. -
Install the portal components on all the computers to be included in the NLB cluster, and then join the other computers in the cluster to the BizTalk group of the computer on which the portal is configured. You must enable the BizTalk groups and join the appropriate group.
-
Select the BizTalk Management database configured for the computer on which the portal is installed.
-
Create the NLB cluster. For more information about how to create and manage network load balancing clusters, see "Create and Manage Network Load Balancing Clusters" at http://go.microsoft.com/fwlink/?LinkId=56206.
Note You should confirm that your NLB cluster is working properly outside of the BizTalk Server context before continuing. Note To set up hardware-based NLB, refer to your hardware provider's documentation.
-
Use the BAM Management Utility to get the current BAM configuration. To do this, click Start, click Run, and type drive:\Program Files\Microsoft BizTalk Server 2009\Tracking\bm get-config -FileName:MyConfig.xml.
-
Replace the local host name with the name of the NLB cluster. To do this, click Start, click Run, and type notepad drive:\Program Files\Microsoft BizTalk Server 2009\Tracking\ MyConfig.xml.
-
For hardware-based NLB only, verify the configuration file has the following:
<GlobalProperty Name="BAMVRoot"> http://<NLB IP Address>:portname/BAM</GlobalProperty>
Note Steps 4 and 5 are not necessary when updating the BAM configuration on hardware-based NLB. -
Modify the following line to point to the NLB cluster by replacing the computer name (machinename) with the cluster name:
<GlobalProperty Name=" BAMVRoot"> http://machinename:portname/BAM </GlobalProperty>
-
Save the new configuration. To do this, click Start, click Run, and type drive:\Program Files\Microsoft BizTalk Server 2009\Tracking\bm update-config -FileName:MyConfig.xml.
-
Open the web.config file using Notepad by clicking Start, clicking Run, typing notepad drive:\Program Files\Microsoft BizTalk Server 2009\\web.config, and then clicking OK.
-
Modify the following computer name (machinename) and the port name in the following two lines to point to the name of name of the cluster:
<add key="BamQueryWSUrl" value="http://machinename:portname /BAM/BAMQueryService/BamQueryService.asmx" /><add key="BamManagementWSUrl" value=" http://machinename:portname/BAM/BAMManagementService/BamManagementService.asmx" />
-
Save the file. To do this, click File, and then click Save on the Notepad menu bar.
-
Copy the web.config file to drive:\Program Files\Microsoft BizTalk Server 2009\BAM Portal folder on each additional computer in the cluster.
Note In the following steps all references to the Program Files folder will be Program Files (x86) for 64 bit computers. Important In the following steps, when you are creating the virtual directories, check to make sure they have the exact settings as the three BAM virtual directories created by the BizTalk Server Configuration on first computer. Confirm your file paths, the ASP.NET version, your directory permissions, and application pool. Use the same domain service account to run the BAMAppPool on the computer you are setting up as you used when setting up the first computer. Make sure the BAMAppPool is running on all of the computers. There are two web.config files you must copy. In addition to the web.config file drive:\Program Files\Microsoft BizTalk Server 2009\BAM Portal, you must copy the web.config file in drive:\Program Files\Microsoft BizTalk Server 2009\BAMPortal\BAMManagementService and drive:\Program Files\Microsoft BizTalk Server 2009\BAMPortal\BAMQueryService to the same folders on this computer. -
For hardware-based NLB only, modify the following computer name (machinename) and the port name in the following two lines to point to the name of name of the cluster:
<add key="BamQueryWSUrl" value="http://machinename:portname /BAM/BAMQueryService/BamQueryService.asmx" /><add key="BamManagementWSUrl" value=" http://machinename:portname/BAM/BAMManagementService/BamManagementService.asmx" />
-
Create an application pool called BAMAppPool.
Note The directory path for the virtual directories should be %InstallationFolder%/BamPortal, %InstallationFolder%/BamPortal/BAMManagementService, and %InstallationFolder%/BamPortal/BAMQueryService. -
Create a virtual directory under the Default Website called BAM.
-
Change the application pool of BAM virtual directory to BAMAppPool.
Note The directory path for the virtual directories should be %InstallationFolder%/BamPortal, %InstallationFolder%/BamPortal/BAMManagementService and %InstallationFolder%/BamPortal/BAMQueryService. -
Create a virtual directory called BAMManagementService under BAM.
-
Change the application pool of BAMManagementService to BAMAppPool.
Note The directory path for the virtual directories should be %InstallationFolder%/BamPortal, %InstallationFolder%/BamPortal/BAMManagementService, and %InstallationFolder%/BamPortal/BAMQueryService. -
Create a virtual directory called BAMQueryService under BAM.
-
Change the application pool of BAMQueryService to BAMAppPool.
-
Use the INETMGR, located on the virtual directory Properites ASP NET Tab, to change the version for BAM, BAMMANAGEMENTSERVICE, and BAMQUERYSERVICE to set the version of the Applications to .NET Framework 3.5.
-
Run aspnet_setreg.exe -k:"SOFTWARE\Microsoft\BizTalk Server\3.0\BAM\WebServices\identity" -u:BAMWebServiceAccount –p:Password. The account specified here is the BAM Management Web Service User account.
-
Set the read ACLs for the AppPool user on WebServices by running SubInACL, a command-line tool that enables administrators to obtain security information about files, registry keys, and services, and to transfer this information from user to user, from local or global group to group, and from domain to domain.
-
Download SubInAcl from http://go.microsoft.com/fwlink/?LinkId=61990.
-
Open a command prompt. To do this, click Start, click Run, type cmd, and then click OK.
-
Type the following at the command prompt: subinacl.exe /subkeyreg "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\BizTalk Server\3.0\BAM\WebServices" "/grant=Network Service=R"
Note The purpose of this command is to grant the BAM Application Pool user read access to the SOFTWARE\Microsoft\BizTalk Server\3.0\BAM\WebServices\identity registry key. The example uses Network Service since it is the default used by IIS for Application Pool. If you do not use the default IIS settings, you should substitute the application pool user that your deployment uses. -
Type the following at the command prompt: subinacl.exe /keyreg "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\BizTalk Server\3.0" "/grant=<BAM WebService Account>”
Note The purpose of this command is to grant the BAM Management Web Service User account read access to the SOFTWARE\Microsoft\BizTalk Server\3.0\BAM\WebServices\identity registry key. -
Verify that the identity that the application pool that the BAMManagement Web service runs under has read access to the ASPNET_SETREG key.
-
Use the Computer Management administrator tool to add the BAM Management Web service user and the BAM application pool user account to the IIS Worker Process Group (IIS_WPG) and SharePoint services group (STS_WPG).
-
Set the permissions on the temporary ASP.NET folders for the applications pool and Web service users: c:\windows\system32\cacls "%windir%\Microsoft.NET\Framework\ v3.5.<min version number>\Temporary ASP.NET Files" /T /E /G <BAM WebService Account>
Note You grant access to both the BAM Management Web Service User account and the BAM App Pool User account.
