Workaround for Kerberos SSPI Context Errors in BizTalk

A couple weeks ago one of my clients was experiencing constant “Cannot generate SSPI Context” errors in BizTalk. These are Kerberos errors and they are extremely annoying because they happen constantly whenever you are trying to use any database function with BizTalk. These would fill up the event logs on my client’s server and was a huge time waster because they would prevent me from doing just about anything with BizTalk.  I would receive these errors when trying to start a host or change almost anything in the BizTalk admin console. I think the source of the problem is that something about the domain membership was different than some of the accounts on the server and this led to Kerberos authentication problems.

As a temporary fix I was able to restart the BizTalk server but the errors eventually came back again. The errors basically paralyze a BizTalk server and they are complicated to diagnose and sometimes you just do not have enough time to do diagnostics – like in a production environment. The fix provided next is similarly a workaround, it does not solve the root problem but at least provides another way to get the server working.

To attempt to resolve the problem, I tried a couple different things such as removing the server from the domain and adding it back in, but none of these things were successful at removing the problem completely. I did also try switching my Enterprise Single Sign On account and master key but this did not conclusively solve the problem.  I was looking at the article at and tried some of the suggestions but was not getting anywhere. Then I tried disabling TCP/IP for SQL connections and just use named pipes based on using SQL Configuration Manager or the SQL Network Configuration tool. TCP/IP seemed like such a fundamental protocol that I was not optimistic the problem would go away by switching protocols, but it worked for me. Many people also think that named pipes only works on a single server and functions like IPC but this is not exactly right.

My use of this workaround was on BizTalk 2010, W2K8 R2, with SQL 2K8 R2 when SQL is on a separate server than BizTalk.

The KB article above solely mentions this workaround in the context of SQL and Kerberos so I am blogging that this fix is working for me on my BizTalk server too. ‘


CRM 4 adapter works with BizTalk 2010

A couple months back I did a test for a client about whether the legacy Dynamics CRM 4 adapter would work successfully on BizTalk 2010. I know this is not the recommended configuration and that the CRM 2011 SDK does not mention this as an acceptable or supportable configuration. Many companies have made a significant investment in CRM 4 and may not be able to upgrade their CRM software. So I am just putting this information out there in case you are wondering.

Others have reported needing to use a registry workaround for getting the adapter to install for BizTalk 2009: I followed this workaround with BizTalk 2010 on Windows Server 2008 R2 and it worked fine. The CRM 4 adapter install worked fine. I was also able to run the schema creation wizard in VS 2010.

I did not try running the software in this configuration in a production environment and have not tested this configuration completely. But usually in my experience if the install works fine and the designers still work in VS then you can probably work with this configuration, if only for a temporary workaround while you create a migration strategy.


BizTalk LOB book complete in April 2011

I have been working as a technical reviewer for a book that will be complete in April 2011 called BizTalk  2010 Line of Business Systems Integration from Packt Publishing. Pre-order is now available for the print form but some of the individual chapters are available now. Please check out this link for more information about the book:

It provides useful documentation of integration with Dynamics AX and CRM as well as various cloud-based services. The SAP chapters are very valuable and extend the currently available MSDN documentation for  BizTalk integrations with SAP. This book would be an excellent supplement to your technical library. Thanks

BizTalk 2010 certification coming soon

I saw today that the BizTalk 2010 certification details were posted at According to the article the exam will be available at the very end of March 2011. I know many people in the BizTalk community have been eager for another BizTalk certification test so the good news for everyone is that Microsoft listened and made this new exam. Good luck everybody!

Sorry for such a short post, I could have worked it into a tweet. Thanks

Time saving PowerShell Snippets for BizTalk Part 1

Some of the beauty of using PowerShell is the ability to rapidly do things that would take a long time to do in .NET code. But you can do this without opening Visual Studio. I have found many uses for PowerShell in working with BizTalk. One area it comes in handy is working with BizTalk binding files. I know you can just use the ExplorerOM but this is painful due to its 32-bit limitations. A frequent pain-point in deploying across environments is needing to create external artifacts for supporting your BizTalk ports.

So for example you use MSMQ and need to create all the queues that your ports refer to. Or directories for all the FILE ports you use. It is nice to just include some more PowerShell to handle this and just rest assured the external artifact will get created when you deploy your BizTalk updates. In my PowerShell code below it handles creation of folders. Enjoy!


$newroot = ""

if($rootCreatePath -ne "") {
    $rootCreatePathExists = [io.file]::Exists($rootCreatePath)

    if($rootCreatePathExists -eq $true) {  $newroot = $rootCreatePath }
    else {

        Write-Host "Creating directory" $rootCreatePath

        $newroot = $rootCreatePath


$bindingFileExists = [io.file]::Exists($pathToBindingsFile)

if($bindingFileExists -eq $true) {
    # Read in the binding file content
    $bindingContent = [xml](Get-Content $pathToBindingsFile)
    $bindingContent.SelectNodes("//PrimaryTransport") | ForEach-Object {
        # Only process if the port type is FILE
        if ($_.TransportType.Name -eq "FILE") {
            $directory = [io.path]::GetDirectoryName($_.Address)
            # replace with rootCreatePath if this value exists
            if ($newroot.Trim() -ne "") {
                $directory = $directory.Replace($defaultRoot,$newRoot)
            # Check if the directory exists
            $directoryExists = []::Exists($directory)
            if ($directoryExists -ne $true) {
                Write-Host "New directory:" $directory
else {
    Write-Host "Binding file does not exist:" $pathToBindingsFile

Integrating BizTalk 2010 with CRM 2011 Online Organization Service


After making the post earlier today about how to interact with the CRM 2011 Online Discovery Service I remembered this was only part of the story. After getting the security information back from the discovery service it is necessary to call the organization service to work with the entities. Some of the organization service functionality is actually new to CRM 2011.

In CRM 4 the Discovery Service existed already but some aspects of the Organization Service are different. I found that the generation of the schemas for the organization service to also be more difficult.


The service URI for the organization service is but this only gives you part of the WSDL. If you take the WSDL from this address into Visual Studio it will not generate the BizTalk schemas successfully. In fact if you try to add a service reference using the WSDL from this address you will get an error and in the app.config will see comments mentioning that svcutil did not understand the policy assertions.

I looked at the WSDL generated from the above service reference and noticed there was a referenced WSDL file. So if you then try, this will give you the full body of the WSDL you actually need to generate the schemas. I copied the much longer WSDL file to my Sky Drive so you can generate your schemas based off of this: Here is the updated download with my generated artifacts: The organization service will generate quite a few port types.

When I tried compiling after generating the schemas for the organization service, I received a large number of errors. This also occurs when adding a service reference to the organization service. I have a feeling that you may need to reference a CRM assembly to reuse the types appropriately when generating the schemas, but I do not really know how this works at this point.


So now you have the schemas for how to call the Discovery and the Organization Services from BizTalk. It looks like all that is left is just an orchestration and a few ports once you can get the organization service schemas to compile. Thanks!

Integrating BizTalk with CRM 2011 Online Discovery Service


On the MSDN forums there has been quite a bit of traffic and many questions about how to integrate BizTalk with Dynamics CRM 2011. Since I did not have a local CRM 2011 environment setup I thought it would be a good time to look into whether a trial of CRM 2011 existed. Yesterday I setup a trial of BPOS to test out forms services in the cloud. I found out that there was an offer running on a free trial of Dynamics CRM Online so I joined up. This trial was nearly effortless because i was already signed up as an Azure customer through my MVP/MSDN member benefits. Here is a link to the trial offer:

In this post I will document some of the integration experience I have encountered from working with BizTalk and CRM 2011 for basically just a few minutes. I have been very active in discussions in the MSDN forums about how BizTalk relates to CRM 2011 so I was aware of some of the current challenges. A few people had mentioned they were having trouble generating the BizTalk schemas. So this is something I tried out and was successful doing. The bigger discussion about BizTalk and CRM 2011 revolves around the adapter used for integration. In CRM 4 there was a specialized adapter but no specialized one has been found so far for CRM 2011. As far as I can tell the intended approach is to use the WCF adapters.

My hope is that the use of the WCF adapters will enable CRM implementations to achieve high availability. This has been a perplexing and difficult for one of my customers due to known limitations in the CRM 4 adapter.


After signing up for the CRM Online 2011 trial, I was brought to the main form for working with my CRM data, which is https://<organization> This form reminds me quite a bit of working with SalesForce contacts and accounts but the overall feel is much more responsive and a much richer experience. The SalesForce contact and account management features were mind numbing when I worked with them. In contrast, the CRM Online forms are invigorating and stunning.

From my previous investigation into CRM 2011 and BizTalk integration I had found the following source code example: This example shows us how to communicate with the CRM Discovery service which then provides credentials to use when contacting the organization service to work with the CRM entitites. The following line of code is the most important towards pulling out some useful artifacts for BizTalk integration:

CrmDiscoveryService discoveryService = new CrmDiscoveryService();
discoveryService.Url = String.Format("https://{0}/MSCRMServices/2007/{1}/CrmDiscoveryService.asmx",
                        _hostname, "Passport");

The value for the _hostname variable refers to the organization URI <organization> I built up this address by hand and entered it into the browser so that I could see the service description page. So the full address would be This gave me the service description page where I could get the WSDL for the discovery service. I copied this file to my SkyDrive so that others could use it: This file is critical in generating the schemas for BizTalk. Apparently this is not a new technique for CRM – it is fairly well documented:

Next I opened up my VM with BizTalk 2010 and created a new solution for the integration. I copied the WSDL file mentioned above to a location where I could use it on my VM. First I tried creating the schemas by adding a service reference to my BizTalk project. This unfortunately did not create any schemas for me but it did add the service reference successfully. So the next attempt was to Right-click on my BizTalk project and go to Add Generated Items…\Consume WCF Service. Then in the wizard I specified the WSDL file from above. This helped me to generate the schemas successfully.

The schemas that were generated looked quite a bit different from really any I had seen before. Maybe the syntax will not be new to you but I thought it looked unusual. Many of the elements in the BizTalk schema designer have brackets like you would see for an xs:Any element because they are complex types. Here is a picture of the generated schema:

The schema given above actually gives you quite a bit more detail than the service description page which just mentions the Execute method.


Interacting the CRM 2011 Online Discovery service is actually very easy and is quite similar to the way it was implemented in CRM 4. I zipped up the generated schemas and placed them on my SkyDrive here: If you are having trouble generating the schemas you can just use mine. What has been shown here is only part of the overall solution for integrating between BizTalk and CRM 2011 Online but it gets you started nicely.


New BizTalk articles on TechNet Wiki

Here are a few TechNet Wiki articles that have become available recently. I have usually found it difficult to find relevant content on the TechNet Wiki so I thought it would be good to highlight a few of these.

Improving performance when executing a BRE rule:

Implement ordered messaging with BizTalk and SSIS:

BizTalk load testing in VS 2010:

Load testing for simultaneous BizTalk unit tests:

Install and configure BAM in a multi-server environment:


Why would you want a WCF LOB SDK Adapter?


In my last post I mentioned the registry content for registering a custom WCF LOB SDK binding as an adapter. I am still working out the details of how this should be done for a custom adapter and will be hoping how to do this in a walkthrough in a later post. 

To give you some preview of the process, the adapter class just needs to inherit from Microsoft.Adapters.Common.BizTalk from the BizTalk adapter pack rather than Microsoft.ServiceModel.Channels.Common.Adapter from the WCF LOB SDK. The abstract classes for Microsoft.Adapters.Common.BizTalk are included with the BizTalk Adapter Pack. The GUID values mentioned in the .reg file are set in the derived adapter classes and when calling the base class constructor for the adapter, WcfBtsAsdkAdapterBinding.

While it looks like it is possible to register a custom WCF LOB SDK binding as an adapter, the question comes up as to why would you ever want to do this when you can just use the custom binding in the WCF-Custom adapter anyway. This is one question I have asked repeatedly in reference to why the BizTalk adapter pack gives the developer the option of using the separate adapter rather than the bindings with the WCF-Custom adapter. At this time I am not sure if some of the scenarios I have come up with explain why the BizTalk adapter pack bindings are also exposed as custom adapters.

I wanted to take this post and describe a few scenarios that would be useful for having the capability of an adapter rather than a WCF-Custom binding.


Deciding whether to expose a WCF LOB SDK binding vs. a full adapter is an important question that depends largely on the consumers of your data. If you want the same data and management of the connection to your data to be the same whether it is being called from .NET or BizTalk then use of the standard custom binding makes sense. You will only need to code the logic once as the custom binding. But there are typically many differences between .NET applications and BizTalk applications so it seems like there would be compelling reasons to have other settings or different settings based on whether the binding is being called from a BizTalk system. For example, SSO settings like the SSO Application Name and key should not be exposed unless the binding is being called from BizTalk. These properties will not make sense if you are providing a way to connect to your custom LOB data without going through BizTalk.

The full adapter does have a configuration limitation that prevents it from fully functioning as an equivalent to the WCF-Custom binding. The custom binding configuration exposes the custom behavior config window for all WCF-Custom adapter handler properties. At this point I am not sure if it is possible to have the custom full adapter to provide a customized property page for the adapter handler properties. Interestingly, all of the BizTalk adapter pack custom adapters have the properties button grayed out in the adapter handler window.  So it is not even possible to choose the same adapter handler configuration as found on the WCF-Custom adapter handlers so if you did use a full adapter rather than WCF-Custom you would still need to register the custom WCF behaviors in the machine.config. This could possibly be an overlooked scenario in the current implementation.

So theoretically it is possible to come up with a reasonably good scenario for splitting apart the properties and implementation based on the caller type. But due to the current BizTalk admin console limitation on the adapter handlers configuration, there may unfortunately be some tradeoffs.


Blog at

Up ↑