| Sander Knijn 2006-03-21, 3:09 am |
| Hello,
We installed Biztalk in our company. First let me describe our environment:
We have two forests/domains, called PRD and DEV. Between this domain is a
one-way trust, the DEV is trusting users from PRD domain to their resources.
Our users are all in the PRD domain.
We installed Biztalk on different servers, the Development server in the DEV
domain, the production server in the PRD domain. Our admin users have been
added to the 'SSO Administrators' groups and 'Bizztalk Server Administrators'
group in the PRD domain. The admins are also local administrator on all the
biztalk servers, also in the DEV domain. The admin users are NOT added to the
'SSO Administrators' group in the DEV domain because this is a domain group
which cannot hold users from another domain. Thats also our problem: how can
I administer Biztalk with a user from a different domain that is not added to
the 'SSO Administators' group? Unlike the "normal" Microsoft method: global
group - local group - resource, I cannot find the local SSO Administrators
group :-(
Anyone an idea on what resources the SSO Administrators group has access?
Is it possible to administer the servers in DEV domain or do we need to make
additional administrator accounts in this domain?
Thanks in advance,
Sander Knijn
|