How to Generate the Master Secret
You must have administrator rights on the master secret server in order to perform this task. In addition, you must perform this task from the master secret server.
The first server where you install Enterprise Single Sign-On becomes the master secret server.
Important
There can be only one master secret server in your SSO system.
Note
When Enterprise Single Sign-On is installed as part of the BizTalk Server installation, the master secret is generated as part of the Configuration Wizard. You will only need to perform this task if you want to generate a new master secret.
To generate the master secret using the MMC Snap-In
On the Start menu, click All Programs, click Microsoft Enterprise Single Sign-On, and then click SSO Administration.
In the scope pane of the ENTSSO MMC Snap-In, expand the Enterprise Single Sign-On node.
Right-click System, and then click Generate Secret.
To generate the master secret using the command line
On the Start menu, click Run, and then type cmd.
At the command line, go to the Enterprise Single Sign-On installation directory. The default installation directory is <drive>:\Program Files\Common Files\Enterprise Single Sign-On.
Type ssoconfig –generateSecret <backup file>, where <backup file> is the name of the file that contains the master secret.
You will be prompted to enter a password to protect the file you just created.
Note
On a system that supports User Account Control (UAC), you may need to run the tool with Administrative privileges.
See Also
How to Back Up the Master Secret
Master Secret Server
Managing the Master Secret
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for