pignion
After many woes I eventually got SSO to work with both SharePoint designer and the BDC.
Forever, I had two different MOSS servers I was trying to configure with SSO and both exhibited various problems, one of which was your error. Eventually what fixed it on one server was to re-create the encryption key and then re-start the service. Then suddenly everything started working.
Since I had essentially configured everything in parallel, I figured I'd messed something up along the way and it had been cached in some way, but when doing this fix on the second box, it didn't help. It was still giving me an authentication error in my logs every time I tried to connect.
I found that in order to get it to work, I had to delete everything SSO and start over, configuring SSO in this exact order:
- Make sure the SSO is running under an account that meets the requirements outlined in the Central Administration Help. Start the service.
- In the Central Admin SSO area, configure the settings under Manage Server Settings. Make sure these accounts match the requirements in Central Administration help too.
- In the Application definition section, create an application definition using Windows Authentication. I used a group account. You should be able to leave the rest as is. You'll choose which group account to use in the next step.
- Go to the Manage account information for enterprise application definition settings. Select your new definition and add the Group account you want users to authenticate to. This is the client-end account. The user trying to connect to the db must be in this group.
- Click Set. In the Logon Information, enter the Username and Password that SSO will use to connect to the DB. I don't know if this gives you any feedback if you enter the information wrong. There is little feedback when you get it right, I know that. Enter the info carefully and click OK. That should be all you have to do.
- In SharePoint Designer, connect to a SQL datasource using SSO. In the SSO box, enter the SSO Application ID, "Username", and "Password".
I think that if you get something wrong along the way, it sort of messes everything up, and the whole thing doesn't work unless you start over. That is how it seems to work for me at least. This was one of the biggest PITAs so far for me and my relationship with MOSS.
Unfortunately, now that I successfully got that working, I can retrieve data, but can't actually write back to the DB using SharePoint Designer and SSO. I have a post here about that.
Good luck to you, hope this helps.