I was recently working on a SharePoint Business Data Catalog (BDC) project and needed to configure the single sign-on (SSO) functionality of SharePoint. For anyone not familiar with the SSO functions in BizTalk or SharePoint that I am talking about, I will explain them briefly. I am not speaking about SSO in the sense that a website or application user logs in once and only once. I am speaking about SSO functionality in these two server products which enables the secure storage of credentials used for connecting to external systems. There are two types of SSO – authorization and impersonation. So that everyone knows, I am talking about the SSO impersonation capabilities of these two server products.
Coming from a BizTalk background, I had worked with SSO in BizTalk quite a bit but was not initially prepared for how different the configuration was for SharePoint. This post will attempt to do a thorough comparison of all of the SSO functionality between the BizTalk and SharePoint products.
Feature | BizTalk | SharePoint
---|---|---
Configuration Interface | Command-Line and BizTalk Configuration Wizard | SharePoint Central Administration website |
Encryption Key Management | Possible only via Command-Line | Possible only via website function "Manage Encryption Key" |
Encryption Key Backup | Command-line, file based; can back up to any file location | Website based; can back up only to a removable drive
SSO MMC Capability? | Exists as an MMC, can be loaded remotely with appropriate BizTalk install | MMC does not exist, cannot be configured remotely. |
Requires RDP access for SSO configuration? | No | Yes |
Group Setup for SSO | SSO Administrators, SSO Affiliate Administrators, SSO Service Account | SSO Administrators, SSO Administrator Account, SSO Service Account |
Requires SSO Service Account to be process identity for configuration? | No | Yes |
SSO delegation options | Credential based on port configuration | Credential variability options – Group and Individual options. |
Runs as Windows Service? | Yes | Yes |
Required on all servers in Farm? | No | Yes |
Operates out of an SSO database? | Yes | Yes |
Command-line options for SSO? | Yes | Partial |
Automatic Credential Update? | Yes | No |
The table above shows a considerable number of differences in SSO configuration and functionality between the two products. Perhaps in the future the two SSO products can combine the features in the chart above, because both offer valuable options that would work well together. A more consolidated SSO experience would also be helpful from a product administration perspective.
Thanks,
Hello Sir,
I am a little bit confused about my career. I have different options like MOSS, BizTalk, BI. I do not have much interest in BI, so the options left are MOSS and BizTalk. Can you guide me on which one I should choose and why?
I know that this is not a good place to ask this question, but if you can answer this I will be more than happy.
I would ask if you like to work with building human-based processes or machine-based processes. If human ones are more interesting, choose MOSS. Otherwise choose BizTalk.