SSO User Account Changed

The following error message appears in the event log after the user account under which the SSO service runs has been changed:

The secret could not be loaded from the registry. The service account for the SSO service may have been changed or the secret may be corrupted. Restore the secret from a backup file.

Resolution: Restore the master secret.
At the command line, go to the Enterprise Single Sign-On installation directory. The default installation directory is :\Program Files\Common Files\Enterprise Single Sign-On.

ssoconfig -restoresecret restorefile
where restorefile is the path and name of the file where the master secret is stored.

To generate a new secret, use the following command:

ssoconfig -generatesecret backupfile
where backupfile is the file that will be created.

A good approach is to always back up the master secret before changing the user of the SSO service, then change the user and restore the master secret. Use the following command to back up the master secret:

ssoconfig -backupsecret backupfile
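
The backup, change and restore sequence above can be wrapped in a script that stops before the account change if the backup is missing and restricts who can read the backup file. This is an added example, not part of the original post; the install path derived from the Common Files environment variable, the exit-code checks and the administrators-only permission are assumptions.

```powershell
# Added example (not from the original post). Run from an elevated prompt.
param(
    [Parameter(Mandatory)] [string] $BackupFile   # new file that will hold the master secret backup
)
$ErrorActionPreference = 'Stop'

# Assumption: default install location under the Common Files directory.
$ssoDir    = Join-Path $env:CommonProgramFiles 'Enterprise Single Sign-On'
$ssoconfig = Join-Path $ssoDir 'ssoconfig.exe'
if (-not (Test-Path $ssoconfig)) { throw "ssoconfig.exe not found in $ssoDir" }

# Refuse to overwrite an earlier backup: it may be the only good copy.
if (Test-Path $BackupFile) { throw "$BackupFile already exists; choose a new file name." }

# 1. Back up the master secret (ssoconfig asks for a password and reminder).
& $ssoconfig -backupsecret $BackupFile
# Assumption: ssoconfig reports failure through a non-zero exit code.
if ($LASTEXITCODE -ne 0) { throw "backupsecret failed with exit code $LASTEXITCODE" }

# 2. Confirm the backup exists and is not empty before touching the account.
$item = Get-Item $BackupFile
if ($item.Length -eq 0) { throw 'Backup file is empty; do not change the service account.' }

# 3. The file holds the master secret: remove inherited permissions and
#    leave access to the local Administrators group (SID S-1-5-32-544) only.
& icacls.exe $BackupFile /inheritance:r /grant:r '*S-1-5-32-544:(F)' | Out-Null
if ($LASTEXITCODE -ne 0) { throw "icacls failed with exit code $LASTEXITCODE" }

# 4. The account change itself is done by hand (for example in the Services console).
Read-Host 'Change the SSO service user and restart the service, then press Enter'

# 5. Restore the master secret under the new account.
& $ssoconfig -restoresecret $BackupFile
if ($LASTEXITCODE -ne 0) { throw "restoresecret failed with exit code $LASTEXITCODE" }
Write-Host "Master secret restored from $BackupFile"
```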

