chrisg

MSMQ and Multiple forests

Someone internally had an interesting challenge come up while with a partner they sent out a note for some assistance looking for resolution and or workarounds to their issue. I thought I would share it with y'all

The problem was the following:

The K2 server is joined to a domain: servers.domain.dev

Users exist in: users.domain.local

Hence they are in different forests.

There is a one way trust where servers trust users.

They could install K2 but the EventBus never started up.

The errors that were being surfaced indicated that the queue did not exist (even though it was created) and another that the user did not have permissions to access the queue (even though the service account had full rights).

After some research the thought that MSMQ may not play well with multiple forests. However.....

One of our famous consultants "Scott Pittman" had previously encountered this issue and worked with our labs group to figure it all out. The result was that they needed to configure BP to use direct paths for cross forest usage. 

What they determined was that the only way to connect over different forests is by using a direct path format. However the problem with using a direct path is that one cannot use a direct path to create a new queue. You can change your path to the queue's using any format as allowed by MSMQ according to the access allowed by your environment. These paths need to be updated in the following two files:

SourceCode.Eventbus.Server.config

SourceCode.Eventbus.ClientRecorder.dll.config

 

In short you have the following options:

Public Queue's MachineName\QueueName

Private Queue's MachineName\Private$\QueueName

Direct format FormatName:DIRECT=OS: MachineName\QueueName This is used for accessing queue's in different forests. NB!! Queue's cannot be created automatically, queue's need to be created manually.

By default after the install we use the Public queue format, and it is up to someone that knows the environment to change the connection string to best fit their environment. So if you are out there with multiple forests make sure you understand the above.

 

Hope this helps!

 

Published Friday, April 25, 2008 5:43 PM by chrisg

Comments

No Comments
Anonymous comments are disabled

About chrisg

I am responsible for community development for SourceCode. I have been in technology for over 14 years mainly in infrastructure and security. I absolutely love technology especially new stuff and gadgets.