How to recover the username and password from the Secure Store Service

Hi, it happened lots of time, I configure the Secure Store with an username and pwd, I tried to keep this values in a txt, but some times this txt were deleted by mistake or simply we forget where we store this values. For that reason, from time to time I execute the following PowerShell to extract all this information and trie to document it.

So here we go:

add-PSSnapin 'Microsoft.SharePoint.Powershell'

Add-Type -Path C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions15ISAPIMicrosoft.SharePoint.dll
Add-Type -Path C:WindowsMicrosoft.NETassemblyGAC_MSILMicrosoft.Office.SecureStoreServicev4.0_15.0.0.0__71e9bce111e9429cMicrosoft.Office.SecureStoreService.dll
Add-Type -Path C:WindowsMicrosoft.NETassemblyGAC_MSILMicrosoft.BusinessDatav4.0_15.0.0.0__71e9bce111e9429cMicrosoft.BusinessData.dll

$sssAppId = ExcelHost
$webAppUrl = https://portalurl  #Note - this can be any web application bound to the SSS proxy application; or central admin

$site = Get-SPSite -Identity $webAppUrl
$ssProvider = New-Object(Microsoft.Office.SecureStoreService.Server.SecureStoreProvider)

$context = [Microsoft.SharePoint.SPServiceContext]::GetContext($site)
$ssProvider.Context = $context;

Write-Host Credentials for SSS Application $sssAppId
$credentialCollection = $ssProvider.GetCredentials($sssAppId)
foreach($c in $credentialCollection)
{
    $ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($c.Credential)

    $decryptString = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($ptr)

    Write-Host Credential Type: $c.CredentialType
    Write-Host Decrypted String: $decryptString
}

The code is made for working with SharePoint 2013, if you need to run this code in SharePoint 2010, try to change the locations to the correct GAC

Hope it helps!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s