Thursday, October 01, 2009 8:30 AM Mikael Sand

Failed to create the master secret file…Why do these things always happen to me?

Sometimes I think there is a grand conspiracy on my part. Somewhere deep within the windows core code there is a line like

if ( Instance.RegisteredUser = "Mikael Sand" )

And then I just remember that it probably is my own fault.

There is a strange BUG when you install BizTalk in a single server environment on a virtual machine. Strange being the operative word here. You get this error

Failed to generate and backup the master secret to file: C:\Program Files\Common Files\Enterprise Single Sign-On\SSO0FAB.bak (SSO) Additional Information (0x80070005) Access is Denied.

So what happens is that the SSO Administrators group is never created during install (note that all other groups are created). No SSO Admin group = Unsuccessful authentication = Access is Denied.

The solution is simple though:

  1. Unconfigure BizTalk and delete the SSODB and BusinessRulesDB. The wizard does not delete them.
  2. Now create the SSO Administrators group manually and add the install account and the BizTalk Service Account to it.
  3. Log out and log back in. Restart the installation.

As commenter Jonathan Schellack points out this seems to be a problem in the 2010 version as well, so if you are trying to install the 2010 version, you might get this problem as well.
I have personally never experienced this problem either with the 2010 nor the 2009 version, except for that time that triggered me to write this post, so it is really hard to replicate.

If you look in the log following the failed installation you will only get an error stating that the group could not be created and then the installation quits. This does not seem to be a BizTalk installation issue but rather something to do with Windows it self.

Filed under: ,


No Comments