Problem

If the SSO login don’t work because you get the following failure:

And in /var/log/univention/management-console-web-server.log you get this message

( WARN ) : 2043: SamlError: 500 There is a configuration error in the service provider: No identity provider are set up for use

Solution

Check if you have an entry in this path
ls -l /usr/share/univention-management-console/saml/idp/

total 8
-rw-r–r-- 1 root root 5209 Apr 6 12:11 ucs-sso.your_domain.intranet.xml

If you get an zero output like

total 0

So you have to force run the following join-scrip

univention-run-join-scripts --force --run-scripts 92univention-management-console-web-server.inst

Now check the path before and the login should work again.

Information

Here are some information about SSO in UCS