Install SharePoint 2010

Installing SharePoint Server 2010 on Windows Server 2008 R2 and SQL Server 2008 R2 - Part 5: Administrative and service accounts

This article describes the administrative and service accounts required for deploying SharePoint Server 2010.

Basic Installation Accounts

It is strongly recommended to create domain accounts and use them as service accounts. You need to create at least the following accounts in Active Directory:

Basic Installation Accounts
Required AccountExample
SQL Server Service Account sqlSvcAcc
SharePoint Setup Administrator spAdmin
SharePoint Farm Account spFarmAcc

Difference to SharePoint 2007

Service accounts in SharePoint 2007 needed 2 properties when they were created in Active Directory:

  • User cannot change password and 
  • Password never expires.

This isn’t necessary with SharePoint 2010 since we now have managed accounts capable of password expiration and automatic change.

So in my development environment I will choose the options "User cannot change password" and "Password never expires".

Assign permission

You need to assign permission only to the SharePoint 2010 setup administrator.

SQL Server service account

You don’t need to assign permissions since they are assigned during installation of SQL Server 2008.

The SQL Server service account is used to run SQL Server and should be a domain account.

Setup administrator

You need to manually assign permissions.

The setup administrator is used to install SharePoint 2010.

The SharePoint 2010 setup administrator has to be a member of the administrators group on every server SharePoint should be installed.

Add the SharePoint 2010 setup administrator to the local administrators group. The setup administrator was added to the locel administrators group.

The SharePoint 2010 setup administrator needs to have the securityadmin and dbcreator role. The sysadmin role is assigned if you decide during SQL Server 2008 installation that your SharePoint 2010 setup administrator should be the SQL admin.

I decided to do so in my Hyper-V development environment.

The SharePoint 2010 setup administrator needs to have the securityadmin and dbcreator role.

Farm account

You don’t need to assign permissions since they are automatically assigned by the SharePoint 2010 setup administrator.

The farm account is used for the following things [1]:

  • "Configure and manage the server farm."
  • "Act as the application pool identity for the SharePoint Central Administration Web site."
  • "Run the Microsoft SharePoint Foundation Workflow Timer Service."

This Article

  •  Basic Installation Accounts
 

Next Steps

Resources

Here are the resources used in this article:

blog comments powered by Disqus