SSO Configuration Application MMC Snap-In


Enterprise Single Signon component in BizTalk Server can be used to provide single signon capabilities, as the name suggests, where in the mapping of non-windows credentials can be done to windows credentials and so on. Ent SSO can also be used for storing any application specific configuration data that needs to be encrypted and should to be kept secure. You also may rely on Ent SSO for storing any non-secure configuration data for a BizTalk application if you do not want to put that in BizTalk configuration file (BTSNTSvc.exe.config or BTSNTSvc64.exe.config) as it requires host instances restart to reflect the changes you make. Ent SSO provides a quick and reliable way to store and retrieve data. However you should be careful for not using this for storing any transactional data as it can be too heavy on the enterprise single sign-on server.


In this blog, we are going to talk about new utility "SSO Configuration Application MMC Snap-In". This snap-in is available for download here.


Here is the overview of the snapin (taken from the documentation):


Currently in Enterprise Single Sign-On (SSO), there are three utilities to perform SSO-based tasks:

  • SSOConfig
  • SSOManage
  • SSOClient
All these tools focus on managing credentials. There has been a lack of tooling for ability to create and manage configuration-based applications. This has now changed with the creation of the SSO Configuration Application MMC Snap-In. This tool provides the ability to add and manage applications, add and manage key value pairs, as well as import and export configuration applications so that they can be deployed to different environments. Also provided is a client-side class that makes accessing the SSO system to retrieve your key/value pairs easy.

 The downloaded zip file extracts to 3 another zip files:


- SSOMMCSnapInSetup.zip: Extracts to setup and msi file for installing mmc snapin.


- SSOConfigurationApplicationClientHelper.zip: Extracts to SSOClientHelper.cs that can be used in your application to read the values stored in SSO. 


- SSOConfigurationApplicationMSBuildImportTask.zip: Contains MSBuild custom task that can be used to automate the deployment of your applications’ SSO configuration data.  All you need to do is export the application and then use the MSBuild task to automatically import it into your environment


Attached screenshot (SSO Application Configuration Snap In Screenshot.png) shows how the snap in looks like after installation. I have created a dummy application called POApplication and a key-value pair in the application called SQLConnectionString.


Please do leave comments, if any questions or issues or suggestions. Thanks!

SSO Application Configuration Snap In Screenshot.png

Comments (3)

  1. eliassal says:

    Hi Teekam, I setup the snapin, added it through MMC, add……

    I have 2 applications already added using sdk examples.

    MMC doesn’t display those 2 applications. Should applications be created in this console in order to be read?

    Thanks in advance

  2. Srikanth says:

    Hi Teekam, I am using SSOConfigurationImportTask.dll in my TFSBuild Scripts to import SSO Configuration. I am having trouble in importing updated SSO Application. Any changes done to the SSO application is not getting updated. Same issue is found in using SSO config MMC Snap in. I had to Delete the application and re import SSO application. Should the import Task and Import application(MMC) update the application key/value(s)?

    Thanks in advance.

  3. Manjunath P says:

    What is the encryption algorithm used for encryption?

Skip to main content