Secure Store Shared Service is not responding

There are situations where configuring SharePoint 2010 does not go according to plan as far as the Secure Store Service is concerned. This also affects other services such as the User Profile Synchronization Service etc. When you start getting the message “Cannot complete this action as the Secure Store Shared Service is not responding. Please contact your administrator” upon choosing to manage the Secure Store Service it’s most likely the case that the service account used as the application pool in IIS has some Group Policy restrictions on it.

In some cases you would also see the following in your log files:

An exception occurred when trying to issue security token: The HTTP service located at https://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas is too busy . .

The quickest solution is to grant both “Logon as Service” and “Logon as Batch” rights. In most scenarios this should take take of the problem. However where you have complex OU and GP associations you might have to exclusively exclude the service accounts for the Deny option.