Configure SSO for MOSS 2007

With the vague detail provided my MSDN, a normal person like me couldn't make it out how to setup the SSO repository for MOSS 2007. With a brave ambition i started to figure it out by reading only technet steps. Its as always filled with confusion, as where to configure a domain account. Is it for the local machine or the entire domain tree of the company. With the help of Robert L. Bogue, he showed the missing link for SSO mystery.

The steps i'm following what he wrote in his blog. its only for my future reference i'll come and see my blog incase he removes this valuable information.
There are seven main activities that we need to do:

1. Create the SSO service account -- This is the account that the service will run under.
2. Create the SSO groups -- These groups are used to control who has the ability to administer SSO (export the master key) and who has the ability to manage it (add/remove application definitions.)
3. Configure the SSO Service - Set SSO to start and get it to use the service account.
4. Configure SQL Server - Authorize the SSO service account to SQL server.
5. Manage SSO - Setup SSO in MOSS including the groups and the database.
6. Manage the encryption key -- Create the encryption key that will be used for protecting the username and password information on the system.
7. Manage settings for enterprise application definitions -- Define what initial applications SSO will be setup to manage passwords for.

We need to create an account for the "Microsoft Single Sign-on Service" (SSO Service) to run as. This account has to be a domain account that has local administrative privileges for the front end web servers, must be a member of the SharePoint group Farm Administrators, must have db_creator and security administrator roles in SQL Server, and must be a member of the group that is defined as SSO administrators.

Then add the user to the Domain Admins group( this is the missing link) in order to get the local administrator privileges requirement met.
# From the Start Menu click Administrative Tools-Active Directory Users and Computers
# In the left hand pane on the Users folder right click and select New-User from the menu that appears. If your organization places service accounts in a different organizational unit (OU) you can certainly add this account to that location.
# Enter the First Name (SharePoint SSO), Last Name (Service), and User logon name (SharePointSSOSvc) fields and click the Next button. You can name the account anything you want, however, these values make it clear what the account is used for.
#Enter the a password into the Password and Confirm password fields. Uncheck the User must change password at next logon checkbox. Check the User cannot change password and Password never expires checkboxes. Click the Next button. This sets the account up to be a service account.
# Click the Finish button.
# On the user that was just created, right click and select Properties.
#Click the Member Of tab.
#Click the Add button
# Enter the group name Domain Admins and click Check Names then click OK. As mentioned above, if you're using another group to provide local administrator access to the farm servers, use that group here.
# Click the OK button.
With the user account created and added to a group that will have administrative access to the farm servers. Next we need to create the groups that we'll add the users capable of managing SSO into.

Then Create the SSO Group.

rest of the steps are SKIPPED as it has to do with sharepoint configuration

The last step:
Manage Settings for Enterprise Application Definitions ( has to do in Sharepoint)

Deploying asp.net user control in sharepoint

Shown a good way to put custom usercontrols to work with sharepoint pages.

This is the same content that has been posted in http://bestofcyber.wordpress.com/2008/09/16/deploying-aspnet-usercontrolsascx-declared-in-custom-aspx-pages-into-moss-2007-sites/

Consider you are developing a custom application in asp.net out of the box SharePoint for the ease of UI development and deployment ,you might need to also create user controls and use into your aspx pages.

While you are deploying usercontrols(.ascx) file ,you can follow below steps to get the usercontrols rendering in the custom aspx pages I found this way more simple and working 100% fine.

1. Create a Directory called “UserControls” in the root of your SharePoint web site on the file system E.g. C:\Inetpub\wwwroot\wss\VirtualDirectories\80\UserControls

2. Open IIS manager and in the root of your SharePoint site create a VirtualDirectory called “_controls” and point it to that newly created directory.

3. Put your user control in that newly created directory on the filesystem.

4. Open the web.config file and add the following:

Also make sure the trustlevel entry is set to the below

5. In your ASPX page change the existing register directive with the following:

<%@ Register src=”~/_controls/SomeControl.ascx” TagName=”somecontrol” TagPrefix=”uc1″ %>

6. Run your ASPX page and your control should render correctly.