AD Account name | Role | Domain rights | Local SharePoint Server rights needed | SQL rights needed |
spfarmadmin | Used to install SharePoint binaries and Farm account. Used for Windows Timer Service, Central Admin and User Profile serve | Domain User | Local administrator on all SharePoint boxes | dbcreator and securityadmin SQL roles |
spsitewebapp | App pool account for content web apps (end user site collections) | Domain User | None | None |
spserviceadmin | Service app pool id | Domain User | None | None, unless using Office Web Apps. Them must give access to content databases manually |
spsearchadmin | Search process id | Domain User | None | None |
spsearchcrawller | Account used to crawl content | Domain User | None | None |
spuserprofile | Account used by the User Profile services to access Active Directory | Must have Replicating Change permissions to AD. Must be given in BOTH ADUC and ADSIEDIT. If domain is Windows 2003 or early, must also be a member of the "Pre-Windows 2000" built-in group. | None | None |
Monday, March 28, 2011
SharePoint 2010 Service Accounts
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment