SSS (Secure Store Service) can serve as a core service, as many other services require that this service be set up to work. One of its roles is to provide a secure database that stores the credentials associated with the application ID. These IDs are used to access the contents of the external data source. This is done by creating an account in the Secure Store database. The Secure store will be used to store IDs and access the data sources displayed by the dashboard. These are external data sources such as SQL Server or SAP. MOSS 2007 also provides this functionality by using the application proxy ID. The problem here is that it does not follow minimum-privilege account rules.
SharePoint 2010 uses the new Secure store and the full and agent-separated IDs. This means that the account can only be created if it has permission to access the data.
This article teaches you how to build a secure Store.
Get ready:
You must be a service administrator for the Secure Store service, and the farm administrator can.
Create an ad account that will be configured to create the application pool identity for this service application.
Begin:
1. Open the Management Center.
2. Application Management--managing service applications.
3. New--secure Store Service.
4. A form appears, to fill in the following fields.
Name: Fill in the Service application name.
Database server: SQL Server machine name.
Database name: Secure Store Name to create, you can modify the GUID after the name.
Database validation: Select Windows Authentication.
Failover server: If a server configuration is completed, this does not create a failover database.
Application pool: Create a new application pool and name it.
Select a security account: Select a configurable and existing domain name account.
Enable logging: Enabled by default, 30 days.
Click OK to return to the Service Application List page.