Problem
If the SSO login don’t work because you get the following failure:

And in /var/log/univention/management-console-web-server.log
you get this message
( WARN ) : 2043: SamlError: 500 There is a configuration error in the service provider: No identity provider are set up for use
Solution
Check if you have an entry in this path
ls -l /usr/share/univention-management-console/saml/idp/
total 8
-rw-r–r-- 1 root root 5209 Apr 6 12:11 ucs-sso.your_domain.intranet.xml
If you get an zero output like
total 0
So you have to force run the following join-scrip
univention-run-join-scripts --force --run-scripts 92univention-management-console-web-server.inst
Now check the path before and the login should work again.
Information
Here are some information about SSO in UCS