The following script can be used to modify or create the master key encryption password that would normally be done if a web app or content database scoped profile was created using the user interface.
param (
[Parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string]
$ContentDatabaseName,
[Parameter(Mandatory=$true)]
[SecureString]
[ValidateNotNullOrEmpty()]
$MasterkeyPassword,
[Parameter(Mandatory=$false)]
[Switch]
$Force
)
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
try {
# get SP CDB
$cdb = Get-SPContentDatabase $ContentDatabaseName
if ($cdb) {
#$cdb.Name
#$cdb.Properties["NeedEncryptionPassword"]
#$cdb.Properties | Format-List
if (-not $Force) { # skipping validation
if (-not $cdb.Properties.Contains("NeedEncryptionPassword")) { # no flag present to regenerate CDB
Write-Warning "'NeedEncryptionPassword' flag was not present to regenerate Content Database. If needed, use -Force switch to force regeneration.`n"
exit
}
else {
if (-not [string]::IsNullOrEmpty($cdb.Properties["NeedEncryptionPassword"]) -and [bool]$cdb.Properties["NeedEncryptionPassword"] -eq $false) {
Write-Warning ("Content Database Master Key has been already regenerated. If needed, use -Force switch to force regeneration. Detail: NeedEncryptionPassword={0}`n" -f [bool]$cdb.Properties["NeedEncryptionPassword"])
exit
}
}
}
else { # Proceed CDB master key regeneration
try {
$sqlConnection = New-Object System.Data.SqlClient.SqlConnection $cdb.DatabaseConnectionString
$sqlConnection.Open()
$sqlCommand = $sqlConnection.CreateCommand()
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($MasterkeyPassword)
$unsecurePassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
$sqlCommand.CommandText=[string]::Format("ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD = '{0}'", $unsecurePassword)
$sqlCommand.ExecuteNonQuery() | Out-Null
$cdb.Properties.Remove("NeedEncryptionPassword")
$cdb.Update();
Write-Host ("Master key for content database: {0} has been successfully regenerated.`n" -f $ContentDatabaseName) -ForegroundColor Green
}
catch [Exception] {
Write-Error ("Unable to regenerate content database master key. Detail: Content database name={0}, Exception={1}" -f $cdb.Name, $Error[0].Exception)
}
finally {
if ($sqlConnection) {
$sqlConnection.Close()
}
}
}
}
}
catch { # unexpected exceptions
$_.Exception | format-list -force
}
StoragePoint API Overview
StoragePoint exposes APIs for performing actions from custom Microsoft .net framework code. A Profile Creation api (ProfileAPI) is exposed as well as a Blob Migration API (BlobAPI), a Blob Reference API (BlobReferenceAPI), Archive API (ArchiveAPI), Validator API (ValidatorAPI) and Timer Job API (TimerJobAPI). These APIs are callable only from Microsoft .net framework languages (i.e. C#, VB.net) and can only run on a Web Front End server in a SharePoint farm.
A Visual Studio project must reference the BlueThread.SharePoint.StoragePoint.StoragePointAPI assembly in order to use the ProfileAPI class. This assembly is installed by the core StoragePoint installation in the SharePoint bin directory (ex. C:\Program Files\Common Files\Web Server Extension\12\bin if SharePoint is installed on the C drive). To set the reference in Visual Studio:
1)Right click on the References node under the custom project.
2)Select the Browse tab and browse to the SharePoint bin directory (see above).
3)Select the file Bluethread.SharePoint.StoragePoint.StoragePointAPI.dll and click OK.
Also note the following limitations on solutions developed using the classes:
·The solution must run on a SharePoint WFE server in the farm. No provision is made for access by machines outside of the farm.
·Use outside of a SharePoint context is not supported.
·The solution should run under the SharePoint service account so that access to SharePoint resources and databases is possible.
The ProfileAPI object allows the creation of StoragePoint externalization profiles outside of the StoragePoint UI. This object is usable only from Microsoft .net code.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책 Cookie Preference Center