Comparing BizTalk and MOSS SSO Configuration

I was recently working on a SharePoint Business Data Catalog (BDC) project and needed to configure the single sign-on (SSO) functionality of SharePoint. For anyone not familiar with the SSO functions in BizTalk or SharePoint that I am talking about, I will explain it briefly. I am not speaking about SSO in the sense that a website or application user logs in once and only once. I am speaking about SSO functionality in these two server products which enables the secure storage of credentials used for connecting to external systems. There are two types of SSO – authorization and impersonation. So that everyone knows, I am talking about the SSO impersonation capabilities of these two server products.
Coming from a BizTalk background I had worked with SSO in BizTalk quite a bit but was not initially prepared with how different the configuration was for SharePoint. This post will attempt to do a thorough comparison of all of the SSO functionality between the BizTalk and SharePoint products.



Configuration Interface

Command-Line and BizTalk Configuration Wizard

SharePoint Central Administration website

Encryption Key Management

Possible only via Command-Line

Possible only via website function "Manage Encryption Key"

Encryption Key Backup

Command-Line File Based, Can backup to any file location

Website Based, Can backup only to a removable drive

SSO MMC Capability?

Exists as an MMC, can be loaded remotely with appropriate BizTalk install

MMC does not exist, cannot be configured remotely.

Requires RDP access for SSO configuration?



Group Setup for SSO

SSO Administrators, SSO Affiliate Administrators, SSO Service Account

SSO Administrators, SSO Administrator Account, SSO Service Account

Requires SSO Service Account to be process identity for configuration?



SSO delegation options

Credential based on port configuration

Credential variability options – Group and Individual options.

Runs as Windows Service?



Required on all servers in Farm?



Operates out of an SSO database?



Command-line options for SSO?



Automatic Credential Update?



The above table shows there are a considerable number of differences in the SSO configuration and functionality options of SSO across the two products. Perhaps in the future the two SSO products can provide a combination of the features in the chart above because both offer valuable options and would make an excellent combination together. A more consolidated SSO experience would also be helpful from a product administration perspective.



2 thoughts on “Comparing BizTalk and MOSS SSO Configuration

Add yours

  1. Hello Sir,
    I am a little bit confused about my career. I have different options like MOSS, Biztalk,BI. I donot have much interest in BI so the options left are MOSS,Biztalk. Can you guide me that which one should i chose and why.

    I know that this is not a good place to ask this question but if the can answer this i will be more then happy.

    1. I would ask if you like to work with building human based processes or machine based processes. If human ones are more interesting, choose MOSS. Otherwise choose BizTalk.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

Up ↑

%d bloggers like this: