Sometimes, organizations face the need to provide access of their BizTalk server environment to outsourced partners in different parts of the globe. The simplest way (in current practice) to achieve this is to share the Remote Desktop Protocol (RDP) information of the server and provide them access to BizTalk Server Administration Console. The problem with this approach is that BizTalk Server Administration Console works on the concept of "All-or-Nothing". Once the users have access to administration console, they can pretty much do anything on the environment such as starting/stopping of host instances, terminating service instances and so on which could lead to serious consequences for the organization.
BizTalk360 provides a solution to this problem by allowing administrators to configure User access policies and then setting up read-only access depending on the requirement. Let's take a real-time scenario to understand how BizTalk360 addresses the above problem.
Use Case Scenario
ACME corporation has a BizTalk server environment in United Kingdom and they want their partners (first level people) in India to have access to the server environment. Bob is the Super User (administrator). He looks after all the configured BizTalk environments in the company. The business requirement is to allow read-only access of the environment to one of their partner user (Scott) who is in India. This means Scott will only be able to view the information in the environment and will not have the permission to make any changes to the configurations.
To achieve this, Bob's first task is to create a User account for Scott in BizTalk360. Bob must:
- Log in to the application
- Click the Settings icon at the top of the page
- Click User Access Policy from the left menu bar
- Click New to add a new user (Scott) to the system
User/Group Name – Enter the user name as 'scott'
Domain Name – Enter the domain name. If setting up the user on a local machine that is not a part of the domain, enter the machine name as the domain name.
- Is Super User – This option should not be turned on since scott is a normal user and requires restricted access to the application
Environments – Select the environment for which scott needs to have access
- Click Next to set up the applications that scott access in the environment (if required)
- Select the applications that scott will have access in the environment
- Click Next to set up the permissions
- In this section, Bob needs to select all the check boxes except the ones under Can Action section. By doing this, Bob sets the access restriction for Scott to be only able to view the information in the application (read-only access). Scott cannot make any changes to the configuration information
- Click OK in the Add Permissions screen to create scott's information into the system
- Predefined User Access Profiles section lists the default access permission for different support levels. Users can also create custom profiles to Operate, Access and/or View.
Click the sliders to view the process of creating Scott's user information.
Once Scott's information is available in the system, ACME Corporation can share the URL (to access BizTalk360) to their partner company along with Scott's user credentials to access the system. When Scott accesses BizTalk360, he will see all the information in the environment for which he has access, but will not be able to modify any information.