Accounts used to install and configure SharePoint 2013

Account
Purpose
Requirements

SQL Server service account
The SQL Server service account is used to run SQL Server. It is the service account for the following SQL Server services:
 MSSQLSERVER
 SQLSERVERAGENT

If you do not use the default SQL Server instance, in the Windows Services console, these services will be shown as the following:
 MSSQL<InstanceName>
 SQLAgent<InstanceName>

Use either a Local System account or a domain user account.
If you plan to back up to or restore from an external resource, permissions to the external resource must be granted to the appropriate account. If you use a domain user account for the SQL Server service account, grant permissions to that domain user account. However, if you use the Network Service or the Local System account, grant permissions to the external resource to the machine account (<domain_name>\<SQL_hostname>).
The instance name is arbitrary and was created when SQL Server was installed.

Setup user account
The Setup user account is used to run the following:
 Setup
 SharePoint Products Configuration Wizard

Domain user account.
 Member of the Administrators group on each server on which Setup is run.
 SQL Server login on the computer that runs SQL Server.
 Member of the following SQL Server roles:
securityadmin fixed server role
dbcreator fixed server role

If you run Windows PowerShell cmdlets that affect a database, this account must be a member of the db_owner fixed database role for the database.

Server farm account or database access account
The server farm account is used to perform the following tasks:
Configure and manage the server farm.
 Act as the application pool identity for the SharePoint Central Administration Web site.
 Run the Microsoft SharePoint Foundation Workflow Timer Service.

Domain user account.

Additional permissions are automatically granted for the server farm account on Web servers and application servers that are joined to a server farm.
The server farm account is automatically added as a SQL Server login on the computer that runs SQL Server. The account is added to the following SQL Server security roles:
dbcreator fixed server role
securityadmin fixed server role
db_owner fixed database role for all SharePoint databases in the server farm


Comments

  1. Unknown9/5/15

    Security is a huge thing to consider in your SharePoint environment. It’s necessary that each user have the proper amount of access.
    SharePoint 2013 Administrator Training

    ReplyDelete

Post a Comment

Popular posts from this blog

"There's a configuration problem preventing us from getting your document. If possible, try opening this document in Microsoft Word." Office WebApp Error

Problem: When Opening a word document I get the following error when Office Web Apps tries to render the document " There's a configuration problem preventing us from getting your document. If possible, try opening this document in Microsoft Word. " Initial Hypothesis: Check the ULS logs on the Web Front End (SharePoint Server) as this doesn't tell me much.  I found the following issue in my UL S: WOPI (CheckFile) - Invalid Proof Signature for file SandPit Environment Setup.docx url: http://web-sp2013-uat.demo.dev/Docs/_vti_bin/wopi.ashx/files/6d0f38c0d5554c87a655558da9cedcad?access_token... Resolution: Run the following PS> Update-SPWOPIProofKey -ServerName "wca-uat.demo.dev" More Info: http://technet.microsoft.com/en-us/library/jj219460.aspx
Continue Read

"Sorry, Word Web App can't open this ... document because the service is busy." Office WebApp

Problem: Intermitten requests are not returning the pdf/word documents.  Most requests are working and occasionally 1 request doesn't work.  Every 4th request tries to get the pdf to display on Office Web Apps for a few minutes without any error message and then stops trying and displays the message "Sorry, Word Web App can't open this ... document because the service is busy." Initial Hypothesis: Originally I thought it was only happening to pdfs but it is happening to word and pdf documents (I don't have excel docs in my system).  My monitoring software SolarWinds is badly configured on my OWA servers as the monitor is showing green, drining into the servers monitoring the 2 application monitors are failing.  The server should go amber if either of the 2 applications fail and in turn red after 5 minutes.  At this point I notice that I can't log onto my 4 OWA/WCA server.  Web request are not being returned.  I look at my KEMP load balancer and it says al
Continue Read

Unable to create a "Send to Connection"- verification failed -url is a not a valid routing destination

ISSUE : Unable to successfully create a send to connection. When creating the Send to connection from Sharepoint 2010 Central Administration and click on Test URL for the Destination URL , we get the following error "verification failed -url is a not a valid routing destination" we see the following entry in the ULS logs Url validation failed for http://gmallya.test.com/sites/testrecordcenter/_vti_bin/OfficialFile.asmx   during Record and document center connection configuration with exception The request failed with HTTP status 401: Unauthorized .:  at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)     at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)     at Microsoft.SharePoint.OfficialFileSoap.GetServerInfo()     at Microsoft.SharePoint.ApplicationPages.OfficialFileAdminPage.<>c__DisplayClass2.&l
Continue Read