Support for SSO service to use static ports with a firewall or Azure Internet Load Balancer

Applies to: Host Integration Server 2016

This article also applies to:

  • BizTalk Server 2016

Symptoms


By default, the Single Sign-On (SSO) service uses dynamic ports for the remote procedure call (RPC) interface. The specific static ports that are used by the SSO service can be anywhere within the full range of dynamic ports.

Cause


This is the default behavior for RPC.

Resolution


A fix for this problem is included in Cumulative Update 1 for Enterprise Single Sign-On in Microsoft Host Integration Server 2016.

The updated SSOConfig management tool in Cumulative Update 1 can used to set a static RPC port for the SSO service. For reference, see the following examples:

  • To set the SSO service to use a static port:

    ssoconfig -rpcPort 1215

  • To set the SSO service to use a dynamic port:

    ssoconfig -rpcPort 0

References


Learn about the standard terminology that Microsoft uses to describe software updates.