How to update Authentication Credentials on BizTalk Server Receive Locations with PowerShell

As security becomes more important every day, it also introduces new challenges for BizTalk Server administrators. In particular, these challenges arise during the deployment of new applications and throughout the lifecycle of existing ones.

In the past, many internal services used anonymous access. Today, however, most of them require authentication.

At the same time, many organizations enforce Minimum Password Age and Password History policies. As a result, administrators must regularly reset passwords, even for service accounts, while avoiding password reuse.

Consequently, BizTalk Server administrators often need to manually update credentials across multiple send and receive ports. Unfortunately, this task is neither quick nor simple.

Fortunately, administrators can automate these updates. By doing so, they reduce manual effort, speed up deployments, and minimize configuration errors.

PowerShell script overview

With this PowerShell sample, we will be able to set or update the authentication credentials on a list of BizTalk Server Receive Locations deployed in your BizTalk Server environment.

foreach($receivePort in $catalog.ReceivePorts)
{
    # For each receive location in your environment
    foreach($recLocation in $receivePort.ReceiveLocations)
    {
        # In this case ...
        if($rcvLocations.Contains($recLocation.Name))
        {
            [xml]$bindingConfiguration = $recLocation.TransportTypeData
            if($bindingConfiguration.CustomProps.Password.vt -eq "1")
            {
                $bindingConfiguration.CustomProps.Password.InnerText = "my_password"
                $bindingConfiguration.CustomProps.Password.vt = "8"
            }
            else
            {
                $passwordElement = $bindingConfiguration.CreateElement("Password")
                $passwordElement.SetAttribute("vt", "8")
                $passwordElement.InnerText = "my_password"
                $bindingConfiguration.CustomProps.InsertAfter($passwordElement, $bindingConfiguration.CustomProps.SuspendMessageOnFailure)
            }
            if($bindingConfiguration.CustomProps.UserName.vt -eq "8")
            {
                $bindingConfiguration.CustomProps.UserName.InnerText = "my_username"
            }
 
            $transportConfigData = $bindingConfiguration.InnerXml
            $recLocation.TransportTypeData = $transportConfigData
        }
    }
}

This script was tested in BizTalk Server 2016.

Download

THIS POWERSHELL SCRIPT IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND.

You can download the PowerShell script from GitHub:

Hope you find this helpful! If you liked the content or found it useful and would like to support me in writing more, consider buying (or helping to buy) a Star Wars Lego set for my son. 

Author: Sandro Pereira

Sandro Pereira lives in Portugal and works as a consultant at DevScope. In the past years, he has been working on implementing Integration scenarios both on-premises and cloud for various clients, each with different scenarios from a technical point of view, size, and criticality, using Microsoft Azure, Microsoft BizTalk Server and different technologies like AS2, EDI, RosettaNet, SAP, TIBCO etc. He is a regular blogger, international speaker, and technical reviewer of several BizTalk books all focused on Integration. He is also the author of the book “BizTalk Mapping Patterns & Best Practices”. He has been awarded MVP since 2011 for his contributions to the integration community. View all posts by Sandro Pereira