SharePoint SSO error and Window Server 2003 SP1


“Failed to connect to the database server. Verify connectivity and rights for the configuration account and try again.”


On a project I was recently working on we ran into this error message when configuring SSO in SPS.


Well … after much hair pulling … we found that we were not alone.  There are a couple of posts from people on the net about workarounds that may or may not work (they didnt for us).  I also found another MS consultant working with another customer who was having the same problem.


It is funny how problems look like one thing on the surface … but are totally related to something else under the hood.  As it turns out … this problem is due to Windows Installer 3.1 that happens to be installed when you apply Windows Server 2003 SP1 !


The problem is fairly easily resolved however … by manually tweeking a registry entry.


Find the ImagePath registry entry at the following location:


HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssosrv


Remove the quotation strings from around the the ImagePath value … and away you go.


The result of all this is that there is currently a KB being written that will outline the problem and the steps to fix it.


 


 


Comments (46)

  1. Robert Hankin says:

    I have also had this problem when I tried setting up single sign on AFTER installing SP1. My initial error was the same as yours: "Failed to connect to the database server. Verify connectivity and rights for the configuration account and try again."

    I have tried the RegEdit you have suggested which results in the new error message "A Single Sign-on error has occurred. Please contact an administrator. Details: Unspecified error" Any ideas? I don’t really have the option of a full reinstall of the server.

    Thanks

    Robert Hankin (rhankin@richmond-foods.plc.uk)

  2. James says:

    Thanks for this, you saved me big yesterday.

  3. allez says:

    i did remove the quotation string at the imagepath in the registry..but the error still same as before which "failed to connect to database.."

    pls help me..i spent a lot of time to solve this..

  4. Cindy says:

    Thank you very much for this information!

  5. Gareth says:

    We experienced the same error but found a different root cause.

    We found that some of the various tables in the SP DB had <null> as the owner. We ran a SQL script to determine which tables had this issue and then changing the ownership to a service account.

    NOTE: We do not have Win2003 SP1 installed, although we do have Windows Installer 3.1 installed. I did not find any quotes around the regestry values.

  6. Edgar says:

    I had this problem, i’ve Windows 2003 SP1, and SPS 2003 SP1 chang privileges to tempdb on SQL Server for my service account to db_owner and change de database name from SSO to SSO_DB and works

  7. iuy says:

    I’m also having the same problem but removing the quotation strings alone from the registry didn’t work for me.

    I also had to stop & start the service of Micrsoft Single Sign on before it worked.

    Thanks for the registry information!

  8. Rick King says:

    Yes you do have to restart the Microsoft Single Sign-on Service before this works. Here is the KB Article: KB901203

  9. I restart the Microsoft Single Sign-On Service after updating the registry file, but still problem does not resolved.

    Any body who face the same problem, please reply.

    Adnan

  10. SSOHell says:

    if there is a heaven my friend.. you are there!

    you saved me BIG. Thanks

  11. Darryl Lowe says:

    Yep. That did it! Be sure to bounce the SSO service before trying again!

  12. Surdeep says:

    Thanks a ton Dude this worked fine! You sure are going to get a nod at the Pearly Gates!

  13. IKELoser says:

    Similar story. Up down back forth no joy till the quotes were removed and restarted SSO service.

    Many Thanks!

  14. Perfect says:

    This worked great! you are so cool!

  15. Paul S says:

    Wow! Stepping through the SPS Discovery kit and ran into this problem. The reg hack worked like a charm.

  16. PTR says:

    Thanks very much!

    I was fiddeling with this problem for quite some time!

    Works fine now!

  17. Syed Adnan Ahmed says:

    Hi,

    I have MS SharePoint Portal Server 2003 installed with SP2 and WSS with Sp2 as well. I am using SQL Server 2005 to connect to DB. I have removed quotation marks from the registry as well. But still getting the following error: "You do not have the rights to perform this operation."

  18. CHARPER says:

    This worked like a charm! Removed the quotes and rebooted and works flawlessly now.

    Syed — for reference, I have the same setup as you including SQL 2005 and my setup works. Hope this helps!

  19. Ted says:

    thanks, I wasted several hours thinking I was a complete idiot until I looked up the problem on the internet.

    Thanks.  I can go home and not beat my kids tonight.

  20. Dave Gregory says:

    You won’t believe this:  Couldn’t make any of the above fixes work until I made the single sign on domain user a local admin on the database box

  21. Alex says:

    Woooooooooo!

    3+ hours of hurt before i found this blog.

    SQL 2005 + SPPS sp2 + W2003 SP1 = pain.

    THANK YOU.

  22. chjohn says:

    No problem … it frustrated me for a long time before i figured it out.  Glad it has helped.

  23. I had the same Problem , i fix the Regkey then i become 0x80040E14 Error

    I logon on the Server and login with the Service Account from "SSO Service" start the SSO Config Page, at me it works now.

    Hope i can help someone

  24. Rahul says:

    Thank you very much for your article..

    it helped us a lot

  25. Nico De Nysschen says:

    Read the article, thought it was a good shot after granting full access on all SQL db’s etc. Then I used this article to remove the registry quotations from the imagepath but still nothing.. Only Musch later realised that you have to stop and start the Microsft Single-Sign-On service.

    Thanks all, this helped a stack!!

  26. Ambreen says:

    hello Chris,

    i’m having issues with this sso thing too, wondering if you can help. i have everything configured and i can add accounts to my db and if i go run the stored procedure to get all credentials it also returns me a row confirming that the application and credentials are there but i keep getting an error for the Credentials.getCredentials method call. i’m able to successfully call the setCredentials and setUserCredential methods, based on code samples on microsoft site but getCredentials seems to be failing. Any help would be greatly appreciated.

    thanks,

    ambreen

    here’s what it shows in event log

    Event Type: Error

    Event Source: Office SharePoint Server

    Event Category: SSO

    Event ID:                6492

    Date: 6/26/2006

    Time: 10:48:09 AM

    User: N/A

    Computer:                mycomp

    Description:

    The Microsoft Single Sign-on (SSOSrv) service failed to retrieve credentials for user mydomainmyuser, enterprise application definition Northwind. The error returned was 0x80040e14. For more information, see the Microsoft SharePoint Products and Technologies Software Development Kit (SDK).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

  27. Steve says:

    After hours of pulling my hair thinking that I was doing something wrong!!! It blows my mind how the error message would suggest something so wrong. But thanks much, you saved the day!

  28. Andrew says:

    I’ve tryed everything, but nothing worked untill I found a bug in "c:Program FilesCommon FilesMicrosoft SharedMicrosoft Single Sign-onsso_schema.sql". It seems to be because of that my SQLServer’s default code page was case sensitive and a variable in this script did not met case in the declaration.

    Procedure:dbo.sso_InsertUpdateApplication, variable @Numfields (@numfields and @NumFields).

    Try to run SQL Query Analyzer, open this script and press Ctrl+F5 (Parse Query). After correcting case of those strings – try to run SSO configuration again.

    If you want to ask about it – write to "anpal at bigmir dot net".

    Good luck!

  29. Andrew says:

    I’ve tried everything, but nothing worked untill I found a bug in "c:Program FilesCommon FilesMicrosoft SharedMicrosoft Single Sign-onsso_schema.sql". It seems to be because of that my SQLServer’s default code page was case sensitive and a variable in this script did not met case in the declaration.

    Procedure:dbo.sso_InsertUpdateApplication, variable @Numfields (@numfields and @NumFields).

    Try to run SQL Query Analyzer, open this script and press Ctrl+F5 (Parse Query). After correcting case of those strings – try to run SSO configuration again.

    If you want to ask about it – write to "anpal at bigmir dot net".

    Good luck!

  30. Denis says:

    I was also receiving all of the various errors reported above and ended with the 0x80040E14 Error.

    I was already logged onto the Server as the SSO Admin Account so this didnt resolve my problem.

    In my case I needed to delete the SSO database that had been created along the way. Once this was done it recreated it and started working like a charm.

    Denis @ obs

  31. sri says:

    Hi,

    I have MS SharePoint Portal Server 2003 installed with SP2 and WSS with Sp2 as well. I am using SQL Server 2005 to connect to DB. I have removed quotation marks from the registry as well. But still getting the following error: "You do not have the rights to perform this operation."

  32. Mark Stokes says:

    Just to add my 2pence to the discussion…

    I tried all the suggestions above to no avail.  I finally came across the fact that the SSO Service was running as the local system account.

    I changed this to a domain account and it works perfectly.

    Mark

  33. ewan says:

    I ran into this problem.  Turns out I had a sql database without an owner — that database was not even a sharepoint database, but it affected creating the SSO DB!! Grr…

    check to see if you have any databases without an owner

    use master select * from sysdatabases where suser_sname(sid) is NULL

    user <name of database that does not have

    sp_changedbowner ‘sa’

  34. ewan says:

    I ran into this problem.  Turns out I had a sql database without an owner — that database was not even a sharepoint database, but it affected creating the SSO DB!! Grr…

    check to see if you have any databases without an owner

    use master select * from sysdatabases where suser_sname(sid) is NULL

    use <insert database without owner>

    sp_changedbowner ‘sa’

  35. lops says:

    Mark Stokes thanx a lot!

    Removing quotes didn’t help for me as well, but your suggestion regarding changing local account to domain one for SSO Service did the trick. 🙂

    Regards,

  36. MikeK says:

    It was the missing DB owner for me.  I am using a shared SB server for SPS03 and I had one application’s DB with no owner.

    use <insert database without owner>

    EXEC sp_changedbowner ‘sa’

    Is what i used…

    Brutal, absolutely brutal.

  37. Surgence says:

    If you are getting the "0x80040e14" error, I found out that this could be caused by the SSO Encryption key that Sharepoint creates.

    Goto

    Central Administration > Operations > Manage Single Sign-On > Manage Encryption Key  

    Create a new key and make sure the Check Box IS checked!  This seemed to do the trick for me after the registry trick didnt work!  Hope this helps!

  38. PKONSITE says:

    Hi!

    Similar problem like Ambreen:

    Event Type: Error

    Event Source: Office SharePoint Server

    Event Category: SSO

    Event ID:                6492

    Date: 6/26/2006

    Time: 10:48:09 AM

    User: N/A

    Computer:                mycomp

    Description:

    The Microsoft Single Sign-on (SSOSrv) service failed to retrieve credentials for user mydomainmyuser, enterprise application definition Northwind. The error returned was 0x80040e14. For more information, see the Microsoft SharePoint Products and Technologies Software Development Kit (SDK).

    Running 2003 SP1

    Tried all hints and tips – nothing worked. The configuration of the SSO is devided into several steps. I couldn´t find a description with the complete process – what to do first, 2nd step and so on. What I see is that there are several debendencies within accounts, ad, domain and so on.

    Is there a complete description / process sheet available?

    The bad thing is – I must work on a german installation what gives me lots of trouble with the "great" translation.

    Cheers PKONSITE

  39. Jonathan Davey (TheJD) says:

    Well done guys! I have no experience in SQL or programming but after removing speach marks, resetting MSSO snapin AND resetting MOSS/SSO bumf all works well!

    However still dont understand why SP-Designer is throwing up same error when not using SSO ie domain/administrator….?

  40. Bert Linders says:

    Try logging on to the server with the account you want to use (but first make sure this account is an OSS admin).  Make sure the account has all requirements for SSO and then complete the page.  This solved the issue for me.

  41. I needed SSO to get SAP iView to work on MOSS 2007. I tried all the above steps without luck. Finally i installes the SPS SP1 and MOSS SP1, rebooted the share point 2007 frontend servers, generated new SSO keys, with check for update existing passwords, – that made the trick.

    Tnx. a lot for the help.

  42. geophrey millinga says:

    i have got the following error  ( the instruction at 0x77f81764 reference memory at 0x 00000000 the memory could not be read) how to solve  this  my email adress is geophrey2001@hotmail.com

  43. Russ W says:

    I was getting the error "You do not have the rights to perform this operation" when I tried to configure the SSO settings.  My SSO service was running as Local System, but I changed it to a domain account and the error went away.