Logo 
Search:

Sharepoint Articles

Submit Article
Home » Articles » Sharepoint » GeneralRSS Feeds

Managed Accounts in SharePoint 2010

Posted By: Destin Joy     Category: Sharepoint     Views: 7653

Managed Accounts in SharePoint 2010

In this article I am describing about the new feature in SharePoint 2010 named managed Account. To reduce the load of managing various service accounts in Microsoft SharePoint Server 2010, the concept of managed accounts has been introduced. Much like managed accounts in Windows Server 2008, they allow SharePoint Server to take control of all the service accounts we use.

To understand it more clearly let me give you a small example, Consider having an app pool account, for example called DOMAIN\SharePointAdmin.And we are using this account for a large number of web applications. Suppose if we want to change the password for that account; you would need to go into each and every web application and reset the password after the change, not to mention that the applications you haven’t changed yet will stop working. This was the scenario in SharePoint 2007. SharePoint 2010 introduces the managed account. In short, rather than specifying the user name and password on every occasion, you create a managed account and set the password there. Then, when you need to enter a user account you simply select which managed account to use and you don’t need to know the password. This also allows farm administrators to set up the service accounts so that others do not need to know the password for the account.

Managed Account credentials are encrypted using a farm encryption key that is specified when we run PSConfig[ui].exe at farm creation(SharePoint Configuration wizard).  The passphrase is stored in a secure registry location so that it can only be accessed by the farm account and encrypted so that only the farm account has access. The farm encryption key later, is stored in the Configuration Database.   This scenario is what enables farm administrators to join machines to the farm without specifying the This was the limitation with earlier SharePoint versions. Another benefit of managed account is , suppose an administrator would like to create a new Web application using Windows PowerShell or SharePoint Central Administration – the administrator only needs to specify the Application Pool account  or select the account in the SharePoint Central Administration (in the case of Central admin screen) user interface as opposed to both having to know the domain\username and associated password.

Get Managed Accounts (SharePoint Central Administration)

  1. To view existing Managed Accounts using SharePoint Central Administration, select Security from the SharePoint Central Administration homepage.
  2. On the Security page select Configure managed accounts under General Security.
  3. The Managed Accounts page will list all Managed Accounts registered in SharePoint.

Register Managed Accounts (SharePoint Central Administration)

  1. To register new Managed Accounts using SharePoint Central Administration, select Security from the SharePoint Central Administration homepage.
  2. On the Security page select Configure managed accounts under General Security.
  3. On the Managed Accounts page select Register Managed Account.
  4. On the Register Managed Account page (see illustration below) specify the credentials and select the password change policies as desired.
Share: 


Didn't find what you were looking for? Find more on Managed Accounts in SharePoint 2010 Or get search suggestion and latest updates.

Destin Joy
Destin Joy author of Managed Accounts in SharePoint 2010 is from Pathanamthitta, India. Destin Joy says

 Hello Everyone,

I am Destin Joy from India I have MCPD in SharePoint 2010, MCTS SharePoint 2010 application development and MCTS in SharePoint 2007. I am mostly working in  core part of SharePoint (2010-2007) and passionate about new Microsoft technologies. Born and brought up in Kerala You can reach me  @ Destin.Joy@hotmail.com

 

 
View All Articles

 
Please enter your Comment

  • Comment should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
No Comment Found, Be the First to post comment!