I just had 10.1.600.8 installed by an Epicor consultant and when I asked about doing SSO, he said I would have to create new config files and app servers. I thought that you were able to get away from that so I decided to just switch over to SSO on the current app servers. I pulled up the Epicor documentation on setting up SSO and it did not work.
Does anyone know of documentation that I could use to set it up? Or is it not possible to switch the current app servers to SSO?
It is possible to change. Take a look on EpicWeb at 16211MPS (Search Tips). Let me know if those are the steps you mostly followed.
Dan,
Thanks. Yes, those were the instructions that I tried. I got hung up going to \inetpub\wwwroot<name_of_Epicor_appserver>. I have 3 servers and I checked the Logon and Task Agent servers and there was nothing in inetpub\wwwroot.
If you open IIS manager and look at your sites, you can see the path using basic settings. That path would replace the generic instruction path.
Thanks for the tip. Does this look like the correct path I need. I don’t think I went to the same place you did in IIS.
Yes, the E:\Websites\EpicorLive\Server would have your web.config file.
Thanks!!!
What do I need to do with the Admin Console? The account I am logged in as is not working. It keeps on saying the account is not set up for single sign on.
It’s just the service account that runs Epicor. Do I need to create it as a user in the system?
You must have a SSO account specified in the EAC. You can setup a user that matches your application pool account. The task agent requires a similar setup except you match the service account. If the accounts are the same, that will save you time.
Dan,
Thanks for all your help. I think I have it all set now, was just wondering if you could review to make sure I did it right.
So, I followed the directions you mentioned. I added the service account that runs IIS as a user in Epicor and set it up as SSO required. The task agent already had a user created in Epicor called “print”. Everything appears to be working.
That looks good, nice work!
Here are you saying that a Windows service account (domain user) should be running the task agent?
Ours is currently a Local System account and following the instructions for SSO published in the solution portal failed to work.
Yes - Use a domain service account for the Task Agent service and then make sure you have a user in Epicor with impersonation rights that has the domain service account listed on it (for SSO)
Thanks
Does that account need a specific permissions?
