Tuesday, February 19, 2013

Secure Store Service in SharePoint 2010

Secure Store Service:
The Secure Store Service is an authorization service that runs on an application server. The Secure Store Service provides a database that is used to store credentials. These credentials usually consist of a user identity and password, but can also contain other fields that you define. For example, SharePoint Server 2010 can use the secure store database to store and retrieve credentials for access to external data sources.
Secure Store is used in the following scenarios:
Excel Services, Visio Services, PerformancePoint Services, PowerPivot for SharePoint 2010, BCS.
Back up the SSS database as soon as it is newly created and again after every generation of a new encryption key.

SSA creation:
Create a new service account --> Register the account under Configure managed accounts in Central Administration --> The recommendation is not to enable automatic password change --> Start the SSS service through "Manage services on server" in Central Administration --> In the Application Management section, click Manage service applications --> New --> click SSS --> Enter the name of the SSA --> Enter the SQL Server name and the DB name --> Enter the name of the new application pool --> Select configurable

Generate a new encryption key:
Open the SSA --> click Generate New Key under Key Management --> On the Generate New Key page, type a pass phrase string in the Pass Phrase box, and type the same string in the Confirm Pass Phrase box.

A target application is a collection of information that maps a user or users to a set of encrypted credentials stored in the Secure Store database. Storing credentials in Secure Store is accomplished by using a Secure Store target application. A target application maps the credentials of a user, group, or claim to a set of encrypted credentials stored in the Secure Store database. After a target application is created, you can associate it with an external content type or application model, or use it with a Business Intelligence Service Application such as Excel Services or Visio Services to provide access to an external data source. When a SharePoint Server 2010 service application calls the target application, Secure Store confirms that the user making the request is an authorized user of the target application and then retrieves the encrypted credentials. The credentials are then used on the user’s behalf by the SharePoint Server 2010 service application.

Create target application:
Manage service applications --> Click the SSA --> Manage Target Applications --> New --> Target Application ID --> enter a unique string --> Enter the test string in Display Name --> Enter an email ID --> use default page/custom page/None --> Select Group or Individual from the Target Application Type drop-down --> Next --> Specify the credential fields for your Secure Store Target Application --> Add two listed fields --> Specify the membership settings.
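
The three procedures above (SSA creation, key generation, target application) can also be scripted from the SharePoint 2010 Management Shell. This is an added example, not part of the original post: every account, server, URL, pool and target application name is a constructed placeholder, and the two credential fields are assumed to be the Windows user name and password pair.

```powershell
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Constructed placeholder values (not from the original post); replace with your own.
$svcAccount = 'CONTOSO\svc-sss'
$dbServer   = 'SQL01'
$dbName     = 'SecureStore_DB'
$siteUrl    = 'http://intranet.contoso.local'

# SSA creation: managed account, application pool, service instance, SSA and proxy.
$account = New-SPManagedAccount -Credential (Get-Credential $svcAccount)
$pool    = New-SPServiceApplicationPool -Name 'SecureStorePool' -Account $account
Get-SPServiceInstance -Server $env:COMPUTERNAME |
    Where-Object { $_.TypeName -eq 'Secure Store Service' } |
    Start-SPServiceInstance
$ssa = New-SPSecureStoreServiceApplication -Name 'Secure Store Service' `
    -ApplicationPool $pool -DatabaseServer $dbServer -DatabaseName $dbName `
    -AuditingEnabled:$true
$proxy = New-SPSecureStoreServiceApplicationProxy -Name 'Secure Store Service Proxy' `
    -ServiceApplication $ssa -DefaultProxyGroup

# Generate the key: prompt for the pass phrase so it is never saved in the script.
$secure = Read-Host 'Pass phrase' -AsSecureString
$bstr   = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
try {
    $plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
    Update-SPSecureStoreMasterKey -ServiceApplicationProxy $proxy -Passphrase $plain
} finally {
    [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)   # wipe the unmanaged copy
    Remove-Variable plain -ErrorAction SilentlyContinue
}

# Target application (Group type) with the two credential fields.
$target = New-SPSecureStoreTargetApplication -Name 'ExcelSvcTarget' `
    -FriendlyName 'Excel Services data access' -ContactEmail 'admin@contoso.local' `
    -ApplicationType Group
$fields = @(
    (New-SPSecureStoreApplicationField -Name 'Windows User Name' -Type WindowsUserName -Masked:$false),
    (New-SPSecureStoreApplicationField -Name 'Windows Password' -Type WindowsPassword -Masked:$true)
)
# Membership settings: who administers the target application and who may use it.
$admin   = New-SPClaimsPrincipal -Identity 'CONTOSO\spadmin' -IdentityType WindowsSamAccountName
$members = New-SPClaimsPrincipal -Identity 'CONTOSO\ExcelUsers' -IdentityType WindowsSecurityGroupName
New-SPSecureStoreApplication -ServiceContext $siteUrl -TargetApplication $target `
    -Fields $fields -Administrator $admin -CredentialsOwnerGroup $members
```

Start-SPServiceInstance returns before provisioning finishes, so if key generation fails right after a fresh setup, wait until the Secure Store Service instance reports Online and rerun from the key step.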
