locked
Configuring SSO returns 'A Single Sign-On error has occurred. Please contact an Administrator. Details: Could not find domain for this domain. RRS feed

  • Question

  • Hello,

    I've been on this problem all week and nothing i've tried or found online has helped me resolve this.  I'm in the process of setting up TFS and one of the requirements is to enabled SSO in the SharePoint farm, but everything i've tried results in the 'A Single Sign-On error has occurred.  Please contact an Administrator.  Details:  Could not find domain for this domain' error.

    My environment consists of 3 WFE servers, 1 CA/Excel Services Server, and 1 SQL server.  The 3 WFE's and CA servers are running MOSS 2007 with Windows Server 2008 SP2 and the SQL server is running SQL 2005 with Windows Server 2003.

    1.  I started all Microsoft Sigle-Sign On services with the logon as domain account I created for SSO on all WFE's and CA servers. 

    2.  Gave the SSO service account local admin priviliages on all WFE's and CA server, along with the SQL server.

    3.  Also gave the SSO service account dbcreator, securityadmin, and sysadmin roles on the SQL DB server.

    4.  Configured the Service Account within CA for the SSO with the SSO service account.

    5.  Even did the registry hack of taking out the "quotation" marks at the beginning and end of the ImagePath at [HKEY_LOCAL_MACHINE][SYSTEM][ControlSet001][Services][ssosrv][ImagePath]

    6.  Tried logging in the CA server with the SSO service account

    7.  Tried running I.E as adminstrator and then signing into CA with the SSO service account.

    Nothing has been successful. 

    I'm able to test the ODBC Connection on the CA server to see if its communicating with the SQL server and its communicating.

    When I look at the 12 hive logs I see CSsoresourceManager::CreateSession Error Creating session for SSO.exe

    I'm searched all over the internet for solutions, none were succesful.

    If anyone has any guidance on what I might want to try next I'm open to suggestions.

    Thanks you for your help.

    v/r
    JShidell

    • Moved by Mike Walsh FIN Friday, January 21, 2011 1:22 PM quote - setting up TFS - (From:SharePoint - Setup, Upgrade, Administration and Operation (pre-SharePoint 2010))
    • Moved by John Qiao Monday, January 24, 2011 11:09 AM (From:Team Foundation Server - Setup)
    Friday, January 21, 2011 1:13 PM

All replies

  • Another thing I tried was creating the database on the SQL server prior to setting up SSO within CA.  If I create the database prior I get a warning message when I configure SSO.

    "You are configuring Microsoft Single Sign-On (SSOSrv) to overwrite the configuration data for the existing database.  If you want to use existing credentials, restore the encryption key.  To continue, click Ok.  To cancel, click Cancel."

    If I click OK i'm presented with the same error message:

    'A Single Sign-On error has occurred.  Please contact an Administrator.  Details:  Could not find domain for this domain'

    So to me that tells me that the CA server is communicating with the SQL box since it detects that there is already a database present for SSO.

    Still not sure what might be configured incorrectly or what else I might need to check.

    v/r
    JShidell


    v/r JShidell
    • Proposed as answer by Stefan79 Wednesday, October 12, 2011 7:41 PM
    • Unproposed as answer by Stefan79 Wednesday, October 12, 2011 7:42 PM
    Monday, January 24, 2011 2:58 PM
  • JShidell;

    I am having the exact same problem. I definitely seems like a permission problem. I am however not the person who installed sharepoint on these servers, so Im not sure what SSO was configured. Were you able to get anywhere with this problem?

     

     

    Wednesday, October 12, 2011 7:15 PM
  • JShidell;

    I followed every MSDN and user post out there and I couldn't find out why this was happening? My account, the setup account, the admin account all had the farm permissions and everything else you mentioned above. I did the exact same changes (even the reg hack).

     

    Until I found this I was lost: http://www.thorprojects.com/blog/archive/2008/08/02/moss-single-sign-on-setup-step-by-step.aspx

    Looks like just another guide, until you see the replies at the bottom:

    "Hi robert, great and usefull post! While configuring sso i kept stumbling on the message "you don't have permissions to perform this operation" when trying to configure the sso server settings I solved this by logging out as administrator (in MOSS and windows) and logging in as the sso service accuount (in MOSS and windows)"

    Its not the exact same error you and I received (contact administrator) but it worked for me nonetheless.

    So I tried logging in (RDP) with the domain credentials for the sso service account. I vvisited the CA for about the 30th time, updated the service account again for good measure, then went to the Manage signle sign on service,  and this time it worked (with the pre-existing SSO database, with the same error warning that you received)....can't believe it, it actually finished and brouth me to the manage single sign-on (now with encryption key tools active)

    Life goes on! One thing to note, make sure you have your CA site in your trusted sites so you the scripts can run on the page.

     

    good luck!

    • Proposed as answer by Stefan79 Wednesday, October 12, 2011 7:49 PM
    Wednesday, October 12, 2011 7:49 PM