- Stop the Enterprise SSO Server on the BizTalk Server (not on the SQL Server).
- Log on to the master secret server (in this case the SQL Server) with an account that is both Windows administrator and SSO administrator.
- Start/Run MMC.
- Add the Enterprise Single Sign-On snap-in.
- In the scope pane of the ENTSSO MMC Snap-In, expand the Enterprise Single Sign-On node.
- Right-click System, and then click Restore Secret.
Restoring the master secret key is no rocket science, you just have to make sure you do things right, otherwise your BizTalk environment will be corrupted. In the scenario at hand, I had a BizTalk environment with a separate BizTalk Server and a separate SQL Server. The BizTalk SSO feature is installed on SQL Server. That’s why you will have to perform the SSO master secret restore at the SQL Server. Stepping plan: