When installing BAM Alerts on BizTalk 2013, we encountered an error; it
was preventing us from moving ahead with our plans for BAM. We investigated,
asked the relevant people and nothing helped.
The error is below:
Exception object: 02d61034
Exception type:
Microsoft.BizTalk.Bam.CfgExtHelper.BAMConfigurationException
Message: Error executing process: C:\Program Files (x86)\Microsoft
BizTalk Server 2013\Tracking\bm.exe
InnerException:
Microsoft.BizTalk.Bam.CfgExtHelper.BAMConfigurationException, Use
!PrintException 02d60dc4 to see more.
StackTrace (generated):
<none>
StackTraceString: <none>
HResult: 80131600
0:001> !PrintException 02d60dc4
Exception object: 02d60dc4
Exception type:
Microsoft.BizTalk.Bam.CfgExtHelper.BAMConfigurationException
Message: Microsoft (R) Business Activity
Monitoring Utility Version 3.10.229.0
Copyright (C) Microsoft Corporation. All
rights reserved.
ERROR:
Failed to set up BAM database(s).
The
alert infrastructure was not created.
Cannot
start service BAMAlerts on computer '.'.
The
service did not respond to the start or control request in a timely fashion
InnerException: <none>
StackTrace (generated):
<none>
StackTraceString: <none>
HResult: 80131600
The root problem was the BAM alerts service was being
created, but failing to start in the allocated timeout, and thus it failed. We
had this working on our development machine fine, however this was UAT and it
was not fine.
In UAT like most good setup’s we had various domain policies
applied, that locked down the environment, for good reason. The service was
trying to start, and waiting for verification that it could start.
What it was trying to do was a verification operation that took quite long
time(> 60 seconds) because it was calling winhttp to download Certificate
Trust List (CTL) but the download action was not successful.
This would
not work, as it’s a locked down environment and we do not allow this. Then
because the service does not start in time, it fails the install….
The solution, as simple as it is now… was to implement a setting
in the bamalerts service that would tell it to bypass the checking of the security.
Create a bamalerts.exe.config, in the folder where
BAMAlerts.exe is installed usually: C:\Program Files (x86)\Microsoft
BizTalk Server 2013\Tracking.
Place this
simple config into the file.
<configuration>
<runtime>
<generatePublisherEvidence
enabled="false"/>
</runtime>
</configuration>
Retry the configuration of bam alerts, and it should work. (Be sure to clean up the alerts database, and see my other post, and remove the role NSEventReader from the BAM Primary import database or you will get a different error and it still will not work.)
This is a known issue, and there are some fixes out there
for this, but it will also prevent other windows services from starting, not
just BAMAlerts. In in locked down configurations, like ALL BizTalk environments should be, you can not just allow internet access for all things. It should be SOME not ALL things have internet access.
