Skip to main content
Sign In |
  Help (new window)

Mohamed Yehia - SharePoint Matters

Go Search
Home
Ayman El-Hattab's Blog
Marwan Tarek's Blog
Mohamed Yehia's Blog
  

Follow Me on Twitter
Other Blogs
Marwan Tarek
SharePoint 4 Arabs - Online SharePoint Training, Video Tutorials and Webcasts in Arabic > Mohamed Yehia - SharePoint Matters > Posts > Least Privileges Accounts for SharePoint 2010

4/15/2010

Least Privileges Accounts for SharePoint 2010

Dan Holme wrote an article on on SharePoint Pro Connections that describes the accounts you need to create in order to install SharePoint 2010 while maintaining least privileges for those accounts. Here’s a summary:

You need 3 accounts:

  1. The SQL Server Service Account
    • Identity of MSSQLSERVER and SQLSERVERAGENT services
    • Setup when installing SQL Server
    • No other permissions on any other server
  2. The Setup User Account
    • Use this account to install SharePoint and run SharePoint Configuration wizard, and install patches
    • Must be a member of local administrators group of each SharePoint Server in the farm
    • Requrie securityadmin and dbcreator server roles on the SQL Server
  3. The Database Access Account
    • Misuse of words in Configuration wizard that leads to confusion.
    • This is actually Service account to run the whole SharePoint Farm.
    • Must be a member of local administrators group of each SharePoint Server in the farm before installation.

Go ahead and read the full articles at  SharePoint Pro Connections > Least Privilege Service Accounts for SharePoint 2010, Dan gives more insight and several useful tips.

Thanks Dan!

BR,

Mohamed Yehia

Posted at 3:45 AM by Mohamed Yehia | Category: SP2010; Administration | Permalink | Email this Post | Comments (0)

Comments

There are no comments yet for this post.