Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic


Published: May 12, 2010

Sets a new group credential mapping for a Secure Store Service application.

Update-SPSecureStoreGroupCredentialMapping -Identity <SPSecureStoreApplication> -Values <SecureString[]> [-AssignmentCollection <SPAssignmentCollection>] [-Confirm [<SwitchParameter>]] [-WhatIf [<SwitchParameter>]]



Parameter Required Type Description




Specifies the Secure Store application (that contains the principal) from which to delete the credential mapping.




Specifies the field values for the credential mapping.




Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.

note Note:

When the Global parameter is used, all objects are contained in the global store. If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.




Prompts you for confirmation before executing the command. For more information, type the following command: get-help about_commonparameters




Detailed Description

The Update-SPSecureStoreGroupCredentialMapping cmdlet sets a new group credential mapping for a Secure Store Service application. Group credentials are a set of credentials that are associated with multiple identities. Target applications will get credentials for a Secure Store application by using the current user. If the current user meets the authorization rule defined in the Secure Store application for the group credentials, then the data is provided.

Input Types


Return Types



$ssApp = Get-SPSecureStoreApplication –ServiceContext http://contoso –Name "ContosoGroupTargetApplication"

$firstCredential = ConvertTo-SecureString "LOBDATABASE\fulltimeemployees" –AsPlainText –Force

$secondCredential = ConvertTo-SecureString "abcDEF123$%^" –AsPlainText –Force

$credentialValues = $firstCredential,$secondCredential

Update-SPSecureStoreGroupCredentialMapping –Identity $ssApp –Values $credentialValues

This example adds a credential mapping for the target application ContosoGroupTargetApplication, for all users in this group target application. These users are mapped to a pair of credential values on the External System with a username of identity fulltimeemployees on domain LOBDATABASE and with password abcDEF123$%^.

Change History


Date Description Reason

May 12, 2010

Initial publication

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft. All rights reserved.