For the set up of the SSO Service
- Create a new domain service account for running SSO service. E.g. MYDOMAIN\svc_sso
- Add that account to local admins on the box
- Give the account system admin permissions on the SQL Box
- Change SSO service's Identity to the new service account from the Servicesconsole (Admin Tools->Services), change to automatic start and start the service up
- Add SSO service account as a farm administrator by using "Update farm administrator's group" link from share point central admin.
- Physically log into the box as the SSO account (you cannot just do a Login as a different user in Central admin – it won’t work. Presumably a bug in MOSS.) NOTE THIS IS AN IMPORTANT Step (otherwise you may get errors such as “Login Failed for user ‘NT AUTHORITY\ANONYMOUS LOGON’” or “You do not have the rights to perform this operation.” In the Manage Server Settings section of SSO setup)
- Open up Central admin, and you should now be able to enter and set the SSO account information.Remove the account from farm admins.
For the Set up of the Trusted Hosts File
Also note that instructions say that you have to set up the trusted hosts file or the sample in
c:\Program Files\Microsoft Office Servers\12.0\Config\TrustedSAPHosts.config or
c:\Program Files\Microsoft Office Servers\12.0\Config\TrustedSAPHosts.sample.xml as per
This is not correct - the file is actually in in C:\Program Files\Microsoft Office Servers\12.0\Config\