SharePoint SSS(Security Store Service)服务-PowerShell

1. 获取SSS应用程序的标识

Get-SPServiceApplication

2. 获取指定的SSS应用程序实例

$sss = Get-SPServiceApplication
-Identity bc4399ed-a2e0-4397-bf07-cd3d207e630e

3. 启用SSS审计

$sss = Get-SPServiceApplication
-Identity bc4399ed-a2e0-4397-bf07-cd3d207e630e
Set-SPSecureStoreServiceApplication
–Identity $sss –AuditingEnabled –AuditlogMaxSize 15

4. 配置安全存储数据库

$sss = Get-SPServiceApplication
-Identity bc4399ed-a2e0-4397-bf07-cd3d207e630e
Set-SPSecureStoreServiceApplication –Identity $sss
–DatabaseName SecureStoreDB

5. 生成新的主密钥

Update-SPSecureStoreMasterKey
–ServiceApplicationProxy da9247cb-9055-4024-817c-714ef98656e1
–PassPhrase SharePoint1

6. 刷新密钥

Update-SPSecureStoreApplicationServerKey –ServiceApplicationProxy
da9247cb-9055-4024-817c-714ef98656e1 –PassPhrase SharePoint1

7. 创建应用字段

$windowsUser = New-SPSecureStoreApplicationField
–Name "SP\AppSvcAccount" –Type WindowsUserName –Masked:$false
$windowsPass = New-SPSecureStoreApplicationField –Name "password"
–Type WindowsPassword –Masked:$true

8. 创建目标应用

$targetApp = New-SPSecureStoreTargetApplication
–Name "SSOApplication" –FriendlyName "SSO Application"
–ApplicationType Group

9. 创建新的应用程序入口

$windowsUser = New-SPSecureStoreApplicationField
–Name "SP\AppSvcAccount" –Type WindowsUserName –Masked:$false
$windowsPass = New-SPSecureStoreApplicationField –Name "password"
–Type WindowsPassword –Masked:$true
$appFields = $windowsUser, $windowsPass
$targetApp = New-SPSecureStoreTargetApplication
–Name "SSOApplication" –FriendlyName "SSO Application"
–ApplicationType Group
New-SPSecureStoreApplication –ServiceContext http://sp2010
–TargetApplication $targetApp –Fields $appFields