Hi, I altered my msi so that SSO would be enabled. I deploy the msi using GPO. First I disabled my old GPO, so it would uninstall the old version(5). (Cause I already had 3 upgrades on it) It has uninstalled perfectly. Then I deployed the new msi, which works well. When I look on the client computers which don't have admin rights, the SSO option is gray and not selected. (MSI is configured like it should) On my computer SSO option is also gray, but is selected and the SSO to. I need to fix this urgently, as all users will be upgrading today and tommorow. Anyone else had this problem ? Sincerly Bjorn Lagace Sunparks
there is no need to alter the msi in order to install SSO we have tested it and it works. note that you need to restart the machines in order to use SSO
I confirm. The option is default set to the correct value. Still, why is it gray and not selected on my client machines (no admin rights)? Even after reboot. I opened a ticket with the support. Cheers, Bjorn Lagace Sunparks
Can you make sure of the following: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon GinaDLL points to install path\\TUXCredProv.dll 2X SSO Service is started
Just checked on one of the client machines. 2x sso service is installed and runs ginadll points to the TUXCredProv.dll of 2x. In the client, use sso is grayed out and not checked. Cheers Bjorn
Could you please specify: -Operating System -Do you use any type of additional login system? (such as Smart cards) -Are you using laptop(s)? Some may overwrite or cause conflict with Gina
All OS are Windows XP Pro SP2 No special login things (smart cards..) Some clients are portables but difference in settings. (accept mine, cause I use HP credential software with fingerprint) I just found out the following on the clients : HKLM has sso set to 1 (enabled) HKCU has sso set to 0 (disabled), meaning the user has no access to the sso due to restrictions. I made a new GPO with 'elevated priveliges' and second client has same problem. The GPO is a computer based policy, NOT user based. Changing this is not an option. If you need more info, shoot... Cheers Bjorn
I have exactly the same problem. I have deployed Client 6.0 msi with Group Policy. I have rebooted the machine twice, the 2x SSO service is up and running however the "Use system credentials (SSO)" is not activated ! Thanks
Everytime i opened 2x Client the following key gets modified : \HKCU\Software\2x\AppServerClient\Farms\0001\SSO from 1 to 0 So I I put it 1 , the next time I start the client the key is 0. SSO is not working
extra info : I managed to manually change the sso option in the registry under the HKCU. Meaning the user has sufficient rights. After first reboot, the use SSO was no longer grayed out, but still not selected. After second reboot, still not selected. I now selected the 'use sso' myself. (still logged in as an restricted user) After reboot, it stayed selected. So problem is that when installing with GPO, even with 'elevated priviliges', the option sso is set to 0 in the HKCU instead off 1. Cheers Bjorn
I ran into this issue as well. What I came up with is that when I attempted to run the client install via GPO, the user logging in could not fully write to the registry as a local Power User. The user could write to HKLM area, but not to the HKCU area. I even deleted the entire 2x containers in HKLM and HKCU just to see what was created when the script ran under this users credentials. To overcome this, I decided to push the installation out via the Published Applications portion of our Group Policy. This allows the user to continue to be a local Power User (non-admin) and still successfully write to both of these areas of the registry.
Hello, You need to deploy application through GPO Software Installation part and set it to be installed with elevated privileges.
