Configuring the secure store services
To configure Secure Store, you perform the following steps:
- Register a managed account in SharePoint Server 2013 to run the Secure Store application pool.
- Start the Secure Store Service on an application server in the farm.
- Create a Secure Store Service service application.
To run the application pool, you must have a standard domain account. No specific permissions are required for this account. Once the account has been created in Active Directory, follow these steps to register it with SharePoint Server 2013.
To register a managed account
- On the SharePoint Central Administration Web site home page, in the left navigation, click Security.
- On the Security page, in the General Security section, click Configure managed accounts.
- On the Managed Accounts page, click Register Managed Account.
- In the User name box, type the name of the account.
- In the Password box, type the password for the account.
- If you want SharePoint Server 2013 to handle changing the password for the account, select the Enable automatic password change box and specify the password change parameters that you want to use.
- Click OK.
Once you have configured the registered account, you must start the Secure Store Service on an application server in the farm. Because Secure Store deals with sensitive information, we recommend that you use a separate application server just for the Secure Store Service for better security.
To start the Secure Store Service
- On the Central Administration home page, in the System Settings section, click Manage services on server.
- Above the Service list, click the Server drop-down list, and then click Change Server.
- Select the application server where you want to run the Secure Store Service.
- In the Service list, click Start next to Secure Store Service.
Once the service is started, you must create a Secure Store Service service application. Use the following procedure to create the service application.
To create a Secure Store Service service application
- On the Central Administration home page, in the Application Management section, click Manage service applications.
- On the Manage Service Applications page, click New, and then click Secure Store Service.
- In the Service Application Name box, type a name for the service application (for example, Secure Store Service).
- In the Database Server box, type the instance of SQL Server where you want to create the Secure Store database.
- Select the Create new application pool option and type a name for the application pool in the text box.
- Select the Configurable option, and, from the drop-down list, select the account for which you created the managed account earlier.
- Click OK.