Hi Experts, I am planning to install Single Sign-On in my Farm. Please help me to understand the below 1. Can I connect the SQL database, which is in another server, not in the host server where I will be installing SSO? I don't want to create many SQL or SQL Express edition database in my network. If yes, please tell me how 2. I don't have any Index server. Can I select any server to host SSP encryption-key server role or I have to use the server where central administration is found, like the host of SharePoint Server?

1) Of course. That is its whole purpose. SSO would be worthless if it could only connect to resources on the same server. You're NOT supposed to have SQL installed on your SharePoint servers at all. 2) What is an SSP encryption-key server role? I don't understand what that means. If you meant to say SSO, then that has nothing to do with your index server nor the term "SSP." It's not a good idea to have a SharePoint farm without an index server. This should only be done in a very limited development environment that will not be utilized by end users. Regardless, you don't need an SSP nor an index server to set up Single Sign-OnSharePoint Architect || My Blog

As Clayton pointed out, the answer is Yes. The how is determined on what application you are using. In SharePoint designer you would create a data source that uses SSO and then apply a DataView web part on top of that. But that's only good for READing data out of the database. If you are more specific about what you are trying to accomplish (the tools), Clayton and I may be able to help you more. ChrisChris Givens CEO, Architecting Connected Systems Blog Twitter

Thank you for your quick reply Clayton, 1. I haven't started my SSO installation yet, I am not sure in what point I have to connect the SQL Database in the remote pc. if possible, give me some ideas otherwise, I will figure it out. 2. I am sorry for my typo on SSO, it is not SSP. Anyway you said that you don't need an index server to setup SSO. So are you saying that it is OK to install SSO on the same server, I have SharePoint server installed. If I do that will there be any performance issues. Thanks in advance

I think you're confused about what SSO is. Single Sign-On is just a feature that allows you to pass credentials to other back-end data sources or server resources without the user having to login again. It uses a single entity that gets passed as part of your connection string for connecting to things like external databases. You do not _install_ SSO. It is a Windows service that you start on the SharePoint server, and then you configure it in Central Admin. During the process, an SSO database is created in the SharePoint SQL server, which is on a different server than SharePoint. Once SSO is configured, you create a target ID that is used for connecting to back-end data systems. At this point, you have to create your web service or data source that goes from SharePoint to the database and uses the SSO ID you previously created. The real question here is...what are you trying to accomplish? I'm not sure you know why you're setting up SSO, so can you explain to us your goals?SharePoint Architect || My Blog

Many thanks to Clayton for keep answering. Main Goal: To allow us to integrate Exchange OWA and Archived emails into SharePoint is the primary goal. May get other benefits Currently, SharePoint Server is installed in one box, where only InfoPath Forms Services is also configured. Reporting Service is configured in another box, which is also front end server. Thank you

Thank you Chris, I can see you have respect for Clayton as you are a respectable person. What tools you mean that may help? Where I can get it?

You don't need SSO for integrating OWA with Exchange. That is done through out-of-the-box web parts on My Sites. Can you explain what you want to do with archived emails? That part may be more involved.SharePoint Architect || My Blog

I can't Thanks enough for your help Clayton. 1. Out of the Box OWA integration is OK only from internally but when you try to access it externally, it asks for user and password again. I guess, part of the problem is OWA uses exchange server link rather than SharePoint server address. But again I am not sure something needs to be configured correctly or we need SSO to resolve this. 2. We use RedMap for outlook email archive. The idea is to integrate this with OWA part in SharePoint, so our user will not only able to access Outlook through webmail but also will have access their Outlook Archive. 3. There is another big reason for configuring SSO and that is “SharePoint to JIRA Connector. http://www.customware.net/repository/display/CustomWare/SharePoint+Connector+for+JIRA and I am sure you need to have SSO for this. Thanks again

Ok, so #3 will require SSO, but I think you need to get some help with 1 and 2. I don't believe SSO alone will be the answer there. Do you have a SharePoint architect building this?SharePoint Architect || My Blog

Some done by an architect, some by us I am sure your expert suggestions will help me or you can show me the correct direction As always, Thank you

Clayton, Do you have any suggestion for me please

Clayton, I have successfully configured SSO and I found it is not that difficult what I was expecting. My problem was that I was trying to visualise the whole installation scenario before I even started my installation. I like to say ‘Thanks’ to you for your expert suggestions you have given me. You are a most indispensable contributor in Microsoft TechNet Forum. Thanks again.