Sandoval's SharePoint Spot

SSO Single Server Sign On

Add Application Services in Central Admin

1. Operations Tab
2. Manage Settings for SSO

Ensure SSO Service is Running (If you get a “Failed to Connect…”)

1. Start/ Admin Tools/ Services
2. Open Microsoft Single Sign On Services
3. Log On Tab
4. Best Practice to use to Server Admin Account (from A.D.) not the Local System Account
   1. Provide Name Password
5. General Tab
   1. Start Service/ OK

1. Manage Settings for SSO
   1. Manage Server Settings
   2. Provide an SP SSO Admin Account
   3. Provide Enterprise Application Definition Admin Account (usually the same as SSO Admin Account)
   4. Creates a SSO DB (Server Name, DB name)
   5. Click OK
2. Manage Settings for Enterprise Application Definitions (link)
   1. Create a New Item for Each Back end system that will be used to with each application requiring connection.
   2. Display Name for SSO Admin
   3. Application Name that Site Admins will use to connect (No Spaces)
   4. Contact e-mail for back end db
   5. Account Type (best practice GROUP)
   6. Authentication Type (Leave blank so that no authentication is required).  This will allow for the passing of credentials
   7. Create a SP Name and Password for this Application Definition.  Ok to leave defaults (“Username” [mask NO], “Password” [mask YES]).  Not a best practice!
3. Manage Settings for SSO
4. Manage Account Info for Enterprise Application Definitions
   1. Provide account information that is going to be passed.
   2. Pick Enterprise App Definition created in Step 3.
   3. Provide Group name (See step 6 below)
   4. Click SET to provide User Name and Password for Enterprise Application.  (Best Practice to not provide Enterpise App Sys Admin.  Use a Enterpise App Read Only Account),
   5. Click OK/ Done

Active Directory (use to find AD Groups)

1. 1. Start/ Admin Tools/ AD Users and Computers
   2. Get name and verify membership

1. Manage Encryption Key
   1. Click Create Encryption Key
   2. Click OK/ OK

• • NOW TO USE SSO!

1. You will be using the Application Name (not Display Name) to make a connection to the db)

In SP Designer

1. 1. Go to Data View Menu
   2. Click Insert Data View
   3. From Task Pane Connect to a Data Base
   4. Click Configure Database Connection
   5. Server Info is where (SQL Server is running)
   6. Authentication (USE SSO)
   7. Click Settings
   8. Provide Application Name (Step 3c, no spaces) and
      Application Username and Password (Step 3g)
   9. Click Next/ Select Database/ Select Table
   10. Click Finish/ Ok to make the connection

Index Crawl: minimum 15 min.
5,000 sites takes 15 min. to replicate

When you create an SSP you need to create a crawl account
If crawl account is Admin Right, then it will crawl major and minor versions.

stsadm-0 command resets Admin password

Manage File Type to include PDFs

ifilter.org: install on front end server.

You configure profile imports in the Central Admin by going to Site Settings > Manage profile database > Configure profile import.

Added this LDAP query to MOSS’ profile import:

“(&(objectCategory=Person)(objectClass=Contact)(mail=*)(showInAddressBook=*))”

Per Dave L.