BizTalk Health Monitor – Backup BizTalk Server (BizTalkMgmtDb) Disabled

BizTalk Health Monitor – Critical Warnings

If you run BizTalk Health Monitor and get the above warning, take it seriously and escalate it to the database support. This usually occurs when the database support team decides to use it’s own database backup methods. But Microsoft have made it very clear that this is not supported.

The Backup BizTalk Server job is the only supported method for backing up the BizTalk Server databases. Use of SQL Server jobs to back up the BizTalk Server databases in a production environment is not supported.

If the Backup BizTalk Server job is not run, the BizTalk Server database transaction logs will grow unbounded. The backup job truncates the transaction logs, which keep them from growing unbounded. If the BizTalk Server database transaction logs continue to grow, they could at some point fill the disk they are housed on.

Note

Using both the Backup BizTalk Server job and log shipping is currently the only fully documented and supported method for performing BizTalk Server database backup and restore.

Advantages of the Backup BizTalk Server Job

 

Advertisement

BizTalk 2020 – CU4

BizTalk 2020 come out last week, you can find the details here

There are Adapters fixes for 2 x WCF-SAP, WFC-OracleDB, Office365 (Outlook & TMS) & Event Hub.

For the runtime FIX: Excessive CPU usage in kernel mode of Windows when you run multiple BizTalk host instances

A fix for how maps treat whitespaces, this one a fix for where it ignored the default element value if it was only whitespace. FIX: Default element value of spaces or tabs is ignored when using the .NET transform engine in a BizTalk map

A FIX: Turning on auditing causes errors in the BizTalk Server Administration Console

Also of note are the version of components you will need.

Updated External Dependencies

DependencyUpdated version
WinSCP5.19.2
Newtonsoft.Json13.0.1
WindowsAzure.ServiceBus6.2.0
Saxon-HE9.9.1.7
Microsoft.Identity.Client4.36.0
Microsoft.ApplicationInsights2.18.0

If you have BizTalk Developer Tools installed, you must install the latest version of BizTalk Server Visual Studio extension (build 3.13.2.0) in addition to this CU package. The extension can be installed from https://marketplace.visualstudio.com/items?itemName=ms-biztalk.BizTalk or from within Visual Studio through Manage Extensions.

Always check Service Pack and cumulative update list for BizTalk Server for the latest CU for both core BizTalk and Adapters for Enterprise Applications, for HIS check HIS Update Center

Missing Assembly.Info in BizTalk Project

Sometimes you come across BizTalk Projects that have been checked into source control, but someone missed checking in the AssemblyInfo.cs file

When you let Visual Studio create a new one, it all builds fine, but when you try to deploy it, you get weird errors about not having permission to the DLL in your Local user profile.

Error 3 Access to the path ‘C:\Users\USERNAME\AppData\Local\Temp\5\BT\PID34764\BizTalkAssembly\175958c71880b4092ef846ff9349619b\BIZTALK.dll’ is denied. 0 0

Trying to manually add the DLL to BizTalk will complain that the DLL is associated with another Application.

Removing the resource and then manually adding seems to work, but then it doesn’t recognise it as a BizTalk Assembly, and your artifacts such as Orchestrations, Schemas and Maps will be missing.

To fix this you need the following line after the AssemblyFileVersion line.

[assembly: Microsoft.XLANGs.BaseTypes.BizTalkAssembly(typeof(Microsoft.BizTalk.XLANGs.BTXEngine.BTXService))]

Do you require BizTalk Server licenses for Enterprise SSO on SQL Server?

This question “Do you require BizTalk Server licenses for Enterprise SSO on SQL Server?” has come up several times for me at work recently, as apparently some software licence monitoring tools pick up the fact that SSO is installed on the SQL Server used for BizTalk, and that it does not have a licence.

As per the the answer on StackOverflow on the question What are the licencing requirements to run Microsoft Enterprise Single Sign On service(SSO) on a seperate server? and the as per the Microsoft Article it links to High Availability for the Master Secret Server which has the following note, no, you do not need BizTalk licences for your SQL server, just the OS and SQL licences.

To reduce the hardware resources for a highly available solution, you can add the master secret server as a cluster resource in your SQL Server cluster. Note that you do not need to purchase additional BizTalk Server licenses to install the SSO service on the computer running the SQL Server.

https://docs.microsoft.com/en-us/biztalk/technical-guides/high-availability-for-the-master-secret-server

Other references

Book Review: Migrating to BizTalk Server 2020

Review of the Book, Migrating to BizTalk Server 2020

This book is written by Sandro Pereira, Tom Canter and Lex Hegt, all well known people in the BizTalk sphere. After the dedication about the Authors the introduction starts with an interesting brief history of the various BizTalk Server and then dives straight into what this book is for and what it covers, which unsurprisingly is about how to migrate from earlier version of BizTalk to the latest version Microsoft BizTalk Server 2020. And that is just the introduction.

The next chapters give an Overview of BizTalk Server 2020, what might be some of the reasons why you would want to upgrade; what you need to do to prepare for the migration; the options of doing an in-place upgrade (but also covers why you shouldn’t do this); migrating in a side by side way; and also looks at the option of migrating to Azure. Lastly it has an Appendix that list the BizTalk Dependencies their EOL (End Of Life), which can be one of the justifications you need for an upgrade.

All in all a very comprehensive book and something that you should read if you do have some older BizTalk environments that you are planning to migrate away from. As I’m currently in the midst of a project to migrate of both BizTalk 2010 and BizTalk 2016 to BizTalk 2020, this book has already proven valuable.

This book is available on Shopify

BizTalk – Sending messages via email

Before you get your hopes up, this is not a How To of sending messages via email using BizTalk, instead this is advice not to do it. Why is that you ask? See my reasoning below, feel free to use this to tell your boss/solution architect/client etc. as to why they shouldn’t implement a solution that sends business documents via email, except when they go to a person, rather than a system.

There is no interface contract

Unlike web services there is no WSLD or Swagger to define the interface, so how it is implemented at both ends is usually very loose. I’ve seen multiple solutions in Production that relied on messages received by email break when the sender decided to change how they were sending the payloads without notice.

It is insecure

It is ridiculously easy to spoof a From address or use a fake address that looks similar to the real one, and unless the receiver uses SPF, DKIM or DMARC the receiving mail server and system will not notice.

By default emails are sent un-encrypted, this could leave you open to a man in the middle attack where payloads are altered. So you have to encrypt or de-crypt in the MIME pipeline, and exchange certificates.

By default emails are digitally unsigned, so receiver cannot verify with 100% accuracy that the payload was sent from your system unless you go to the trouble of signing the payload and the receiving system verifies.

The authentication options to send emails are Basic, which sends credentials in the clear across your network, NTLM authentication (which is also vulnerable to chosen plaintext), or your mail server needs to be set not to authenticate client apps that are sending emails. The standard BizTalk SMTP adapter does not support SSL/TLS connections either. So you would have to use something like Stunnel as per an answer in the thread BizTalk 2016 SMTP/POP3 with TLS 1.2

SMTP Authentication types

For receiving emails your choices are Basic, Digest and SPA, but at least there is a Use SSL option available so your credentials aren’t sent in the clear. Note Use SSL probably also enables TLS, as the SSL protocols are deprecated and disabled in most systems.

POP3 Authentication Scheme

It is unreliable

There is no guaranteed delivery with emails. Email servers can occasionally start treating legitimate emails as SPAM, and then the emails and payloads are never received by the receiving system.

There us usually no acknowledgement mechanism that the email has been received* and processed. So again if you want that then the receiving system has to send an acknowledgement back somehow.

* as this mechanism was heavily abused by Spammers and so disabled on most mail servers.

It is complex to implement

There are also sorts of pitfalls when you try to send emails with documents attached, in getting it sent in the first place (security), how it is sent (body or attachment), getting the attachment names correct, and even the encoding of the attachments can cause issues, at one point there were three different standards for attachments, and usually the receiving system would only support one or maybe two of those.

For example, some Stackoverflow question over the years.

BizTalk Framework Assembler Pipeline Component

Tom Canter pointed the BizTalk Framework Assembler Pipeline Component out to me in response to this article, which overcomes some of the above.

BizTalk: Max Degree of Parallelism & MaxConnections

I was recently asked to diagnose an issue with timeouts in BizTalk connecting to an API. So I ran BizTalk Health Monitor on the environment. There were two items that jumped out at me.

Max Degree of Parallelism

First that a DBA had twiddled with a setting that should not be changed for a BizTalk SQL Instance.

Critical Warnings: 1

Item CaptionItem ValueURLsRule ID
BizTalk Databases (General)   
Max Degree of Parallelism for masterDB on DBSERVERNAME4 (NOT SUPPORTED for MsgBox Dbs)KB 91784552
BHM Critical Warning

To fix this you have to do the following as per To configure the max degree of parallelism option

To configure the max degree of parallelism option

Using SQL Server Management Studio

  1. In Object Explorer, right-click a server and select Properties.
  2. Click the Advanced node.
  3. In the Max Degree of Parallelism box, select the maximum number of processors to use in parallel plan execution.

Using Transact-SQL

  1. Connect to the Database Engine.
  2. From the Standard bar, click New Query.
  3. Copy and paste the following example into the query window and click Execute. This example shows how to use sp_configure to configure the max degree of parallelism option to 16.
USE AdventureWorks2012 ;  
GO   
EXEC sp_configure 'show advanced options', 1;  
GO  
RECONFIGURE WITH OVERRIDE;  
GO  
EXEC sp_configure 'max degree of parallelism', 16;  
GO  
RECONFIGURE WITH OVERRIDE;  
GO  

We of course want to set it to 1.

Further reading on Max Degree of Parallelism

Maxconnections

Secondly, probably the root cause of the timeouts, BizTalk performs very poorly under load if it is only allowed the default two connections to web services.

Other Warnings: #

Item CaptionItem ValueURLsRule ID
Tuning   
‘maxconnection’ propertyIs not present in PRDCMSBIZ1: BTSNTSVC.EXE.CONFIG – You can configure the number of concurrent connections that the SOAP adapter opens for a particular destination server by adding “maxconnection” entrySOAP Adapter Configuration and Tuning Parameters404
‘maxconnection’ propertyIs not present in PRDCMSBIZ1: BTSNTSVC64.EXE.CONFIG – You can configure the number of concurrent connections that the SOAP adapter opens for a particular destination server by adding “maxconnection” entrySOAP Adapter Configuration and Tuning Parameters404
‘maxconnection’ propertyIs not present in PRDCMSBIZ2: BTSNTSVC.EXE.CONFIG – You can configure the number of concurrent connections that the SOAP adapter opens for a particular destination server by adding “maxconnection” entrySOAP Adapter Configuration and Tuning Parameters404
‘maxconnection’ propertyIs not present in PRDCMSBIZ2: BTSNTSVC64.EXE.CONFIG – You can configure the number of concurrent connections that the SOAP adapter opens for a particular destination server by adding “maxconnection” entrySOAP Adapter Configuration and Tuning Parameters404
BHM: Other Warnings

The link for SOAP Adapter Configuration and Tuning Parameters doesn’t exist anymore, but see my blog post Configuring maxconnection in BizTalk. It’s is a simple fix, and the throughput of your BizTalk server to web services will be markedly improved.

Mike the Tester

A blog about all things testing. Views are my own

Nick's Blog

Biztalk gotcha!

Whatever

FURIOUSLY REASONABLE

A Different Kind of Query

Technology, music, life, and musings

Vierodan IT Space

Spread up technology

BizTalk Server Help book!

Made easy and simple

nethramysooru

Blog on BizTalk Server

Blog Of the Serverless Spirit

Stray Notions on All Things Microsoft Azure and BizTalk

Microsoft Azure/BizTalk_Read

Let's learn and share !

Boutaleb Hicham

Biztalk & Azure Integration Architect : Logic Apps, Serverless, Azure Service Bus, BizTalk Server, and Hybrid Integration

Pieter Vandenheede

Stories, tips & tricks for BizTalk Server, Azure, Data Science & Machine Learning

Glenn Colpaert

Blogging with my head in the (Hybrid) Cloud and my feet on premises! Azure / IoT / Integration

BizMunch

BizTalk blog by Knut Urke

Dragon's BizTalk Blog

A blog about BizTalk, and other integration tools.

The Deployment Bunny

OS Deployment, Virtualization, Microsoft based Infrastructure...

Integration Made Easy

Demystify Integration Development