Enabling Single Sign-On

To enable the single sign-on service on the server farm, you must enable it on each front-end Web server, on the job server, and on any server running the single sign-on service. After you enable the service, you can configure single sign-on and application definitions.

Note  The Microsoft Single Sign-on service (SSOSrv) must run as a member of the local Administrators group or as a member of the STS_WPG and SPS_WPG local groups. The account under which the service is running must also be a member of the Single Sign-On Administrator group or account, have the public right on the configuration database for Microsoft Office SharePoint Portal Server 2003, and be a member of the Server Administrators server role on the Microsoft SQL Server instance where the single sign-on database is located. For more information about configuring single sign-on, see Specifying Settings for Single Sign-On and Application Definitions.

Enable single sign-on

Do the following on each front-end Web server, job server, and any server running the single sign-on service:

1. On the taskbar, click Start, point to Administrative Tools, and then click Services.
2. On the Services management console, double-click Microsoft Single Sign-on Service.
3. Click the Logon tab.
4. Under Log on as, click This account.
5. In the This account box, type an account name that is either a member of the local Administrators group or a member of the STS_WPG and SPS_WPG local groups. This user must also be a member of the Single Sign-On Administrator account.
6. In the Password and Confirm password boxes, type the password.
7. Click Apply.
8. Click the General tab.
9. In the Startup type list, click Automatic.
10. In the Service status section, if the service status does not display Started, click Start.
11. Click OK.