Article ID: 306312
Article Last Modified on 11/5/2003
APPLIES TO
- Microsoft BizTalk Server 2000 Standard Edition
This article was previously published under Q306312
SYMPTOMS
You cannot access BizTalk Configuration information from a client that is configured to run under the credentials of an account that is not a member of the BizTalk Server Administrators Group.
CAUSE
The current security design of the BizTalk Object Model causes user credentials to be passed through and validated by the BizTalk Object Model. This occurs regardless of whether or not the client is a COM+ application running under the credentials of an account that is a member of the BizTalk Server Administrators Group.
The BizTalk Object Model requires that the credentials of the user who is running the client that accesses the BizTalk Object Model to also be a member of the BizTalk Server Administrators Group.
For example, if a COM+ application is designed to access the BizTalk Object Model to report the names of all BizTalk Messaging Channels, and the COM+ application is configured to run as an account that belongs to the BizTalk Server Administrator, the application will fail if the user who is currently logged on is not a member of the BizTalk Server Administrators Group.
RESOLUTION
Make sure that the user who is running the client application that is accessing the BizTalk Object Model is a member of the BizTalk Server Administrators Group.
STATUS
This behavior is by design.
MORE INFORMATION
This behavior prevents users who are not in the BizTalk Server Administrators Group from viewing or modifying the configuration of a computer running BizTalk Server.
Keywords: kbprb KB306312
