Restore SSO (Office SharePoint Server 2007)

Applies To: Office SharePoint Server 2007

This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.

 

Topic Last Modified: 2008-07-18

Before you perform these procedures, ensure that you have read Back up and restore SSO (Office SharePoint Server 2007).

These procedures assume that you are restoring Microsoft Single Sign-on (SSO) to the same farm and that that neither the data in the SSO database nor the encryption key has been changed since they were last backed up.

You must be logged on to the encryption-key server locally to restore the encryption key. The encryption-key server is the first server on which the SSO service is enabled. The encryption-key server must be running the SharePoint Central Administration Web site.

Restore the SSO encryption key

When you restore SSO, you must also restore the encryption key. The encryption key is necessary to ensure access to encrypted credential information that is stored in the SSO database.

Warning

If the encryption key is compromised, a malicious user could gain access to all credentials stored within the single sign-on service and gain unauthorized access to computer resources. Therefore, do not store the backup media for the encryption key in the same location as the backup media for the SSO database.
If you have changed the name or location of the encryption key on the backup media, you must move or copy the encryption key to the root directory of the media and change the name of the encryption key to “BaseKey.key”.

Important

Membership in the Farm Administrators SharePoint group on the encryption-key server is the minimum required to complete this procedure. Additionally, you must be a member of the dbcreator fixed server role on the database server.

Restore the encryption key

  1. On the SharePoint Central Administration Web site, on the Operations page, in the Security Configuration section, click Manage settings for single sign-on.

  2. On the Manage Settings for Single Sign-On page, in the Server Settings section, click Manage encryption key.

  3. Select the storage media on which the encryption key was backed up, and then click Restore.

Restore SSO using by using Central Administration

Use these procedures to restore SSO by using Central Administration.

Note

Using this procedure does not restore the encryption key. To restore the encryption key, you must use the “Restore the encryption key” procedure earlier in this topic.

Important

Membership in the Farm Administrators SharePoint group on the encryption-key server is the minimum required to complete this procedure. Additionally, you must be a member of the dbcreator fixed server role on the database server.

Restore SSO by using Central Administration

  1. On the SharePoint Central Administration Web site, on the Operations page, in the Security Configuration section, click Restore from backup.

  2. On the Select Backup Location page, in the Backup File Location section, type the Universal Naming Convention (UNC) path of the backup folder, and then click OK.

  3. On the Select Backup Package to Restore page, select the backup package that contains the SSO backup, and then click Continue Restore Process.

  4. On the Select Component to Restore page, select the SSO component, and then click Continue Restore Process.

  5. On the Select Restore Options page, in the Restore Component section, verify that you have selected the correct component; in the Restore Options section, select Same configuration (rather than the default value, New configuration); click OK in the dialog box that appears, and then click OK.

  6. You can view the status on the Backup and Restore Status page by clicking Refresh. The page also updates every 30 seconds automatically. Backup and recovery are Timer service jobs, so it may take a few seconds for the recovery to start.

    If you receive any errors, review the sprestore.log in the folder that you specified earlier in this procedure.

Restore SSO by using the Stsadm command-line tool

Use this procedure to restore SSO by using the Stsadm command-line tool.

Warning

You cannot restore the encryption key by using the Stsadm command-line tool. You must use the “Restore the encryption key” procedure earlier in this article.

Important

To run the Stsadm command-line tool, you must be a member of the Administrators group on the local computer.

Restore SSO by using the Stsadm command-line tool

  1. On the drive on which SharePoint Products and Technologies is installed, change to the following directory: %COMMONPROGRAMFILES%\Microsoft shared\Web server extensions\12\Bin.

  2. Type the following command, and then press ENTER:

    stsadm -o restore -directory <\\server name\folder name> -restoremethod overwrite

    where \\server name\folder name is the UNC path of the backup folder.

  3. If the operation is completed successfully, the command prompt window displays the following text:

    Completed with 0 warnings.
    Completed with 0 errors.
    Restore completed successfully.
    ---------------------------------------------------------
    Operation completed successfully.
    
  4. If there are errors or warnings, or if the recovery is not successfully completed, review the sprestore.log file in the folder that you specified in step 2.

    For more information, see Restore: Stsadm operation (Office SharePoint Server).

See Also

Concepts

Back up and restore SSO (Office SharePoint Server 2007)
Back up SSO (Office SharePoint Server 2007)