SharePoint By Yagya Shree

SharePoint | MOSS: Unable to Add Administrative groups [AD] to Single Sign On Service

leave a comment »

àYou are trying to configure a Single Sign-On using a security group which is inside a active directory on the SharePoint Server

àWhenever you are specifying the Group name in the Central administration–operations–Manage Settings for Single Sign-On–Manager Server Settings–Enterprise Application Definition Administrator Account and adding a group named “<Domainname>\<AD group name>” getting error message

“Invalid input values. Please enter a valid account in the form of domain\group or domain user.”

àYou are unable to add the group
àchecked the issue and found that if we use the “Group Scope” as “Domain Local” the AD group does not get resolved in the SSO configuration

àIt is also true if we use “Group Type” as “Distribution”

àWe created a new AD group using following settings:

Group Scope:  Global
Group Type: Security

àUsed the group to configure SSO and it worked

More Information:

Understanding User and Group Accounts

Lesson 9: Clustering the Master Secret Server

Specifying Single Sign-On Administrators and Affiliate Administrators Accounts

Single Sign-on Services for Microsoft Enterprise Application

Keyword: Sharepoint MOSS Signle Sign-On SSO AD group


Written by Yagyashree

May 1, 2009 at 6:30 pm

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: