Share via


How to Configure SharePoint 2010 Secure Store Service using PowerShell

Following the publication of the source code for the recently released Project 2010 content pack, we also published the source code of the project to automate the deployment procedure of the content pack on MSDN Code Gallery: https://code.msdn.microsoft.com/Project2010DemoPack.

One of the nugget it contains is the PowerShell script to automate the configurate of Secure Store Service (which is required for Excel Services 2010), and yes you can also follow the step by step procedure documented on TechNet: Configure reporting for Project Server 2010

Code is also here: https://gallery.technet.microsoft.com/ScriptCenter/en-us/a88f7b6e-9c9e-475f-afd1-c68c4ef3cc4a

 $targetApplicationName = "ProjectServerApplication"
$userName = "contoso\administrator"
$password = "pass@word1"
$url = "https://project.contoso.com/pwa"
$grp1 = (New-Object System.Security.Principal.NTAccount("contoso", "domain users")).Translate([System.Security.Principal.SecurityIdentifier]).Value
$memberclaims = New-SPClaimsPrincipal -Identity $grp1 -IdentityType WindowsSecurityGroupSid
$pw = new-spsecurestoreapplicationfield -name "Password" -type WindowsPassword -masked:$false
$un = new-spsecurestoreapplicationfield -name "User Name" -type WindowsUserName -masked:$false
$fields = $un, $pw
$proxy = Get-SPServiceApplicationProxy -identity "af18e4e8-3221-432f-b6cb-9e76a64d248c"
$defaultServiceContext = Get-SPServiceContext $url
$credentialTypes = "UserName","Password"
$c1 = convertto-securestring $userName -asplaintext -force
$c2 = convertto-securestring $password -asplaintext -force
$credentialValues = $c1,$c2
$pkmacctclaims = New-SPClaimsPrincipal -Identity $userName -IdentityType WindowsSamAccountName
$app = new-spsecurestoretargetapplication -name $targetApplicationName -friendlyname $targetApplicationName -contactemail "administrator@contoso.com" -applicationtype Group -timeoutinminutes 3 -setcredentialsuri "https://ipserver2"
new-spsecurestoreapplication -ServiceContext $defaultServiceContext -TargetApplication $app -Administrator $pkmacctclaims -CredentialsOwnerGroup $memberClaims -Fields $fields
$ssoapp =  Get-SPSecureStoreApplication -ServiceContext $defaultServiceContext -Name $targetApplicationName
[System.Threading.Thread]::Sleep(10000)
Update-SPSecureStoreGroupCredentialMapping -Identity $ssoapp  -Values $credentialValues 
Update-SPSecureStoreApplicationServerKey -Passphrase pass@word1 -ServiceApplicationProxy $proxy