PRB: Cannot Access BizTalk Object Model without BizTalk Server Administrator Rights (306312)
The information in this article applies to:
- Microsoft BizTalk Server 2000
This article was previously published under Q306312 SYMPTOMS
You cannot access BizTalk Configuration information from a client that is configured to run under the credentials of an account that is not a member of the BizTalk Server Administrators Group.
CAUSE
The current security design of the BizTalk Object Model causes user credentials to be passed through and validated by the BizTalk Object Model. This occurs regardless of whether or not the client is a COM+ application running under the credentials of an account that is a member of the BizTalk Server Administrators Group.
The BizTalk Object Model requires that the credentials of the user who is running the client that accesses the BizTalk Object Model to also be a member of the BizTalk Server Administrators Group.
For example, if a COM+ application is designed to access the BizTalk Object Model to report the names of all BizTalk Messaging Channels, and the COM+ application is configured to run as an account that belongs to the BizTalk Server Administrator, the application will fail if the user who is currently logged on is not a member of the BizTalk Server Administrators Group.
RESOLUTION
Make sure that the user who is running the client application that is accessing the BizTalk Object Model is a member of the BizTalk Server Administrators Group.
STATUS
This behavior is by design.
MORE INFORMATION
This behavior prevents users who are not in the BizTalk Server Administrators Group from viewing or modifying the configuration of a computer running BizTalk Server.
| Modification Type: | Major | Last Reviewed: | 11/5/2003 |
|---|
| Keywords: | kbprb KB306312 |
|---|
|