To configure Single-Sing On follow these steps:
- Create a new domain service account for running SSO service.
- Change SSO service’s Identity to the new service account form Services
console.
- Add SSO service account as a farm administrator by using “Update farm
administrator’s group” link from share point central admin.
- Right click internet explorer shortcut select “Run As” provide the credentials for the service account to run it. Open share point central admin using this IE window.
- Setup SSO using this IE window.
- Remove SSO service account from farm administrator group.
Common Issues:
You cannot configure single sign-on settings for a server in your server farm deployment of Microsoft Office SharePoint Portal Server 2003. You specify single sign-on settings for the server on the Manage Server Settings for Single Sign-On page of SharePoint Portal Server Central Administration. After you do this, when you click OK, you receive the following error message:
You do not have the rights to perform this operation.
To resolve this issue, make sure that the user account that you configure the Microsoft Single Sign-On Service to log on as meets the following requirements:
| • |
The user account is the same account that is configured as the single sign-on administrator account, or the user account is a member of the group account that is the single sign-on administrator account.
|
| • |
The user account is a member of the STS_WPG local group on all servers that are running SharePoint Portal Server 2003 in the server farm.
|
| • |
The user account is a member of the SPS_WPG local group on all servers that are running SharePoint Portal Server 2003 in the server farm.
|
| • |
The user account is a member of the public database role on the configuration database.
|
| • |
The user account is a member of the serveradmin fixed server role in the instance of Microsoft SQL Server where the single sign-on database is located.
|
Note In a single-server deployment of SharePoint Portal Server 2003, if the Microsoft Single Sign-On Service runs under an account that is a member of the local Administrators group, the user account does not have to be a member of either of the following roles:
| • |
The public database role |
| • |
The serveradmin fixed server role |
However, we recommend that you do not configure the Microsoft Single Sign-On Service to run as a member of the local Administrators group.
Note Other Issues include
I have not been able to determine the exact cause of this issue, however I believe it has to do with the order of SharePoint installation with regards to Windows Server 2003 Service Pack and Patch installation, Microsoft are aware of this error and have released the following hotfix to rectify this, http://support.microsoft.com/?id=946517, for a detailed account on the cause of this error please see the hotfix information by selecting the link.
If you are affected by this issue, you will not be able to browse websites in IIS even when attempting to ‘Connect to the Local Machine’. See image below.
After applying the Hotfix, IIS will be available as per usual:
| Source: |
Office SharePoint Server
|
| Date: |
20/10/2008 00:20:26
|
| Event ID: |
6482
|
| Task Category: |
(1328)
|
| Level: |
Error
|
| Keywords: |
Classic
|
| Computer: |
|
| Description: |
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance
|
| Source: |
Office SharePoint Server
|
| Date: |
20/10/2008 00:20:26
|
| Event ID: |
7076
|
| Task Category: |
(1328)
|
| Level: |
Error
|
| Keywords: |
Classic
|
| Computer: |
|
| Description: |
Application Server Administration job failed for service instance
Microsoft.Office.Server.Search.Administration.SearchServiceInstance
|
This error can be corrected with the following hotfix:
http://support.microsoft.com/?id=946517
| Source: |
Office SharePoint Server
|
| Date: |
20/10/2008 00:20:26
|
| Event ID: |
6398
|
| Task Category: |
(1328)
|
| Level: |
Error
|
| Keywords: |
Classic
|
| Computer: |
|
| Description: |
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance
|
This error can be corrected with the following hotfix:
http://support.microsoft.com/?id=946517
| Source: |
Office SharePoint Server
|
| Date: |
20/10/2008 00:20:26
|
| Event ID: |
27745
|
| Task Category: |
(1328)
|
| Level: |
Error
|
| Keywords: |
Classic
|
| Computer: |
|
| Description: |
The description for Event ID (27745) in Source (Windows SharePoint Services 3) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the / = flag to retrieve this description; see Help and Support for details. The following information is part of the event: #50071: Unable to connect to the database SharePoint_Config on SharePointSQLServer_Dev. Check the database connection information and make sure that the database server is running..
|
This error can be corrected with the following hotfix:
http://support.microsoft.com/kb/923028
A common SharePoint Backup Configuration Error can be seen from the information below, this post will highlight how this can be rectified.
Error: Object SharePoint_Config failed in event OnBackup. For more information, see the error log located in the backup directory. SqlException: Cannot open backup device ‘\\servername\backup\spbr0001\0000001.bak’. Operating system error 5(error not found).
This can be seen in the screenshot below:
Follow these steps to allow successful SharePoint Backups:
- Set the SQL Server (MSSQLSERVER) Windows service to run as a domain account. Will require a restart of the service and IIS.
- Setup sharing on the backup folder. Grant access for the identity that the Central Administration Application Pool runs under, the database SQL account, the identity that the Timer service runs under, to change and read rights.
- On each of the SharePoint servers check you can access the share.
- On each of the database servers check you can access the share.
- Set the folder security, grant privileges for the identity that the Central Administration Application Pool runs under, the database SQL account, the identity that the Timer service runs under to all rights apart from Full Control.
- When running the backup specify the UNC path to the backup share, instead of the folder location (K:\backups\). For example: \\SPSDev\Backups