How to Restore the Master Secret
As part of data recovery procedures, you may need to restore the master secret to re-use existing data. In order to perform this task, you must log on to the master secret server with an account that is both a Windows administrator and an SSO administrator.
To restore the master secret using the MMC Snap-In
On the Start menu, click All Programs, click Microsoft Enterprise Single Sign-On, and then click SSO Administration.
In the scope pane of the ENTSSO MMC Snap-In, expand the Enterprise Single Sign-On node.
Right-click System, and then click Restore Secret.
To restore the master secret using the command line
On the Start menu, click All Programs, and then click Accessories. Right-click Command Prompt, and then click Run As….
Select the appropriate Administrator, and then click OK.
At the command line, go to the Enterprise Single Sign-On installation directory. The default installation directory is <drive>:\Program Files\Common Files\Enterprise Single Sign-On.
Type ssoconfig –restoreSecret <restore file>, where <restore file> is the path and name of the file where the master secret is stored.
Note
On a system that supports User Account Control (UAC), you may need to run the tool with Administrative privileges.
See Also
How to Generate the Master Secret
How to Back Up the Master Secret
Master Secret Server
Managing the Master Secret
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for