This post was originally published here
Introduction
During our last premier event, INTEGRATE 2019, the Microsoft product group announced the new version release of BizTalk Server 2020. This version has been released in mid-January 2020. A most awaited moment comes into real; BizTalk 2020 is public now! To know more about the exciting new features, take a look at our Founder Saravana Kumar blog “BizTalk Server 2020 – Why it’s a Game-Changer?”.
In this blog post, I will be covering the new features shipped in BizTalk Server 2020, in terms of Operation and Administration. Yes, this version brought in quite a number of new capabilities to make the life of admin/support people easier. Let’s take a look at the features one by one in detail in the coming sections.
Scheduling
In BizTalk Server, there is an option available to schedule receiving or transmitting the messages on certain days and hours. However, there is no scheduling available to specify the preferred time zones and at a specific time on a daily, weekly or monthly basis. Therefore, the administrator relayed on other tricks to achieve this business scenario as below:
- Windows Task Scheduler – To drop a file to the specified Receive Location
- SQL Adapter – Implementing a simple stored procedure that creates a “dummy” message that initiates the process
- BizTalk Scheduled Task Adapter – An in-process receive adapter that executes a prescribed task on a daily, weekly or monthly schedule.
Advanced Scheduling
Now with BizTalk Server 2020, the new advanced scheduling comprises all the options which administrators wanted for scheduling.
New Options:
- The preferred time zone can be set based on the business scenario
- Automatically adjust for daylight saving time
- Recurrence options like daily, weekly, and monthly
Local time can be confusing, as all the places on earth use their own local time for the smooth functioning of the large-scale business spread across the world. (Ex: companies with abroad partners, railways, ). Until the previous versions, there won’t be any option available to set the preferred time zone for message processing. With this new option, the time zone can be set according to the business needs along with the automatic setting daylight-saving.
Another exciting capability is recurrence. To achieve this formerly, Admins used various tricks to process the messages. With this new capability, they can set daily, weekly and monthly schedules as per the needs.
- Daily – Configure the number of recurring days and from which date the recurrence will be active
- Weekly – Configure the number of recurring days, from when the recurrence will be active and on which weekdays the recurrence must be active
- Monthly – Configure which months and which days the recurrence should take place
Backup to Azure Blob Storage
To align with the latest trend, BizTalk Server 2020 has this exciting capability to extend its support in hybrid solutions. With this feature, you can configure the BizTalk Server job to back up your BizTalk databases and log files into the Azure Blob storage account.
To configure this job, you will need to:
- Create a general-purpose Azure Storage account
- Create a container within your Blob Storage account
- Create stored access policy and shared access storage
- Create SQL Credential using the SAS
Create a general-purpose Azure Storage account
An Azure Storage account contains all your Azure Storage data where all the saved data is highly available, secure, and scalable at any point in time. Then the storage account is ready to create the container.
Creating a Container
All the database backup files are stored in the Blobs. For that, you must first create a container.
Once the container is created, click on the ellipsis button at the end of the row and look for the property “Container properties”.
In the opened window, copy the URL value as highlighted in the below screenshot. This URL will be used to create the credentials in the SQL Server and as well as configure the backup jobs.
Shared Access Signature
A shared access signature is a URI that grants restricted access rights to the container in the Azure Storage account. A stored access policy provides an additional level of control over shared access signatures. When using this, you need to create a policy on a container with at least read, write and list rights.
In the Azure Storage account you have created, look for the menu “Shared access signature” and click on the “Generate SAS and connection string”, as shown in the below screenshot.
All the connection strings and URLs will be generated and listed in the below section. There you require the SAS token to create the credentials.
Create SQL Credential
This is the final step, where you need to create a credential in SQL Server in order to connect with the blob storage. As mentioned in the screenshot, Open the new query and click on the menu “Azure Storage”.
In the next wizard, you are prompted to sign in the respective Azure account where the container is created. Once after the sign-in, select the respective storage account and the container and click ok.
After the successful sign-in, execute the below query with the correct parameters.
Once the query is successfully executed just navigate to Security -> Credentials. You can see the new shared access signature in the credential folder. Now everything is set for the database backup to Azure Blob.
Once the credentials are created, you need to configure the BizTalk Server backup job as mentioned in this article.
After the successful configuration, you need to run the backup job. Once the execution is completed, all the BizTalk Server database backups are available in the Blobs as you see in the below screenshot.
Audit Log
Until the previous versions of BizTalk Server, it is a completely black box for the administrators where they are not sure about who does what in the environment since all support persons have elevated access to the BizTalk and SQL Servers and no auditing is taking place.
BizTalk Server 2020 can audit the application and its artifact activities performed by the users. All the auditing activities are stored in the BizTalk Management DB -> bts_auditlog table.
Admins can get an insight about,
- Who has done the action?
- In which Server with the Artifact id, artifact name, and the corresponding operation
- Payload information
- At which specific date and time the particular action took place
The new audit API lists all the auditing activities performed by the users. The result will be returned in the JSON format.
After installing and configuring the BizTalk Environment, the next is to enable the Global level Audit Management operations, as shown in the picture.
The following are the detailed list of the activities audited by the BizTalk Server,
Applications
Receive Ports
Receive Locations
Orchestrations
Send Port Groups
Service Instances
Binding file importing activity is audited as well.
Artifacts which don’t have auditing capabilities:
Policy | No Auditing |
Resources | No Auditing |
Schemas | No Auditing |
Party | No Auditing |
Host Instance | No Auditing |
Note: Only the admin users can view the auditing activities performed by other users.
New Read-Only Operator Role
The new role “BizTalk Server Read-Only Users”, is completely providing read-only access to the users. This role will be useful to facilitate the dev-ops scenario.
With this new role, users are restricted to perform actions against,
- Application and Artifacts
- Service Instances
- Changing port configuration
If a user, who is in the Read-only Operator role, tries to do any actions, these actions will be restricted by BizTalk Server and the user will get an error message like below.
When the user tries to change the host instance status, the error message will be different, as shown below.
Group Managed Service Accounts
Group managed service provides automatic password management. The main reason behind this is to delegate the management of passwords to other administrators. When this option is enabled, users don’t need to provide the passwords to handle the services. This specific option will be shown when you run the BizTalk Server custom configuration. The features support gMSA have a “Is gMSA account” setting. Once this setting is enabled, the password property disables.
gMSA is supported for the features,
- BizTalk Runtime
- Business Rules Engine
- BAM Tool
- Rest API
- BizTalk TMS
Note: gMSA is not available when BizTalk is configured with a Basic Configuration.
You can find more information about gMSA in this article.
Conclusion
Microsoft released many useful features to ease the Operation and Administration capability for support/admin people. BizTalk Server 2020 promises the on-going commitment of Microsoft in this platform. We are in the process of creating some great guides and materials related to BizTalk Server 2020. (Ex: Detailed upgrade guide from previous versions). If you are interested, comment below with your answers for the following two questions along with your mail id, we will keep you in the loop.
- What version of BizTalk Server are you using?
- Is BizTalk Server 2020 migration in your scope?
Here are a few detailed blogs on BizTalk Server 2020, hope you will find them useful.
- Why is BizTalk Server 2020 a game-changer
- What’s new in BizTalk Server 2020
- Configuring ESB in BizTalk Server 2020
The post BizTalk Server 2020 – Operations and Administration Capability appeared first on BizTalk360.