Forgot your Secure Store Creds?

FeaturedImage

I’m usually diligent at storing system credentials in a secure password vault for my job, but the odd time I slip up and today was one of those times.

If you use the Secure Store Service application in SharePoint, you need to provide the credential for each target application.  It is used to access the external data source.

SetCredentials

Once set, there is no way to see the credential thru the Central Admin UI. I wanted to know which credential a target application was using and I didn’t have it recorded in my password database.  Even if I did, sometimes I just like to confirm the setting rather than trusting the documentation. You with me on that one?

Not surprisingly, you can use PowerShell to retrieve it.  I found a couple of posts out there how to do it, but I made it my own and have it here mostly for my own reference.  I’m sure I’ll be wanting to do this again and now I have it written down in a handy place. 🙂

Add-PSSnapin Microsoft.SharePoint.Powershell -ErrorAction SilentlyContinue

# Displays credentials for all target applications in the secure store service application in your farm.

$svcContext = Get-SPServiceContext -Site http://centraladminurl
$ssProvider = New-Object Microsoft.Office.SecureStoreService.Server.SecureStoreProvider
$ssProvider.Context = $svcContext

$ssProvider.GetTargetApplications() | ForEach-Object {
    Write-Host "`n"($_.Name)
    try {
            $ssProvider.GetCredentials($_.ApplicationId) | ForEach-Object {
            $ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($_.Credential)
            $cred = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ptr)
            Write-Host "`t$($_.CredentialType): $($cred)"
        }
    }
    catch {
        Write-Host "`t$($_)" -ForegroundColor Red
    }
}

Here is an example of the script result for all target applications I had defined in my Secure Store Service application:

ScriptResults

I hope you find this useful if you find yourself in the position of needing to know what the credentials are set to.


Thanks for reading!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s