Auto login not working

Aug 4, 2009 at 3:07 PM


I have successfully installed the webpart and it shows up correct, and even shows the users correct email address in the web part, however clicking on any link still takes me to the live login. I have entered the correct site ID and have put in the path to the cert. Also tried installing the cert locally and putting in the thumbprint. However it still does not auto login. live domain suffix is correct.

Any ideas? Really need this to work and I'm so close!!

Sep 5, 2009 at 1:02 AM


Firstly, sorry it has taken me a while to respond, I've been working OS for the last few weeks and have fallen behind in things like this!

Now, it does sound like you've done everything right, so one good test is the URL it is producing. When you click on one of the login buttons (e.g. e-mail) it will open up a new browser window and initially it will have a very long URL, which should include the Live ID. If you're quick you should be able to highlight & copy & paste it. Then perhaps post it here and I'll be able to see if it is working OK.

The other possibility is that there WONT be a long URL, just a short one like "". This happens when, for some reason, it can't connect or can't authenticate the user. In this case though, on the middle tier server, you should be able to see some event log entries - could you post a couple of those if there are any?



Nov 4, 2009 at 4:25 PM


I have also the same issue as mdodge, all is installed, but when the user opens the page with the SSOwebpart, there are 4 errors in the windows application log with "error 407 Proxy Authentication Required". No proxy has been defined in the ssoserver config or web.config of the sitecollection.
When using internet explorer, with no proxy defined I can browse the internet without problems. SSOserver service is running as domain account, same account as configured in the configuration of the webpart.

in another setup i get other errors :

An error occurred attempt to grab an SLT for user: . The error returned was: <detail><psf:error xmlns:psf=""><psf:value>0x80048122</psf:value><psf:description><psf:lcid>1033</psf:lcid><psf:text>Invalid Passport ID
</psf:text></psf:description><psf:serverInfo>BAYIDSPRTI1A11 2009.</psf:serverInfo></psf:error></detail>

Hope you can assist me.



Mar 9, 2010 at 7:03 PM

...and doesn't the "Impersonation Account" Microsoft told me I'd need come into play somewhere here?  I don't understand how our system and Microsoft's system are 'talking'.  This whole this is very confusing.

Mar 10, 2010 at 12:17 PM

In the beginning it is indeed confusing but it’s like this

1. In your live@edu admin page you request Single Sign On

2. Then you request your certificate

3. The certificate is imported in your computer (sharepoint server)

4. Private key read rights are granted to network service by using http cert tool

5. By using ilm or the other tools you create users in your new live@edu domain (no you can not use existing live accounts as they are not part of your live@edu domain)

6. Liveedu webpart uses the certificate to talk to the live servers and sends the username that is in active directory (email field for example) to the live servers

With this system the user automatically logs on, the certificate is the “password” so to say..

Hope this helps..



From: mgudites []
Sent: dinsdag 9 maart 2010 20:04
To: Jack Linssen
Subject: Re: Auto login not working [LiveEDUSSO:64417]

From: mgudites

...and doesn't the "Impersonation Account" Microsoft told me I'd need come into play somewhere here? I don't understand how our system and Microsoft's system are 'talking'. This whole this is very confusing.

Read the full discussion online.

To add a post to this discussion, reply to this email (

To start a new discussion for this project, email

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe on

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at