Go 4 Sharepoint

Search:

Welcome: Guest!

MOSS Forum

Home » Forum » MOSS

Ask a question

RSS Feeds

Service Account Questions

Asked By: Sampat Bellubbli Date: May 15, 2007 Category: MOSS Views: 255

I guess my first question is: What accounts do I really need to
separate out for MOSS 2007?

I've currently got one (1) sharepoint administrator account for the SPS
2003 installation, and that account is restricted to the SPS 2003
servers and the SQL server (but is a domain admin account so that it can
read AD).

In my MOSS installation, I'm pretty much using that account in the test
environment because it can access everything. What do you NEED to
change here?

Do I really need nine accounts:

* SQL Server Service Account: Account used by SQL to run all SQL
services
* Server Farm Account
* SSP Service Account
* Office SharePoint Server Search Account
* Default Content Access Account
* User Profile and Properties Content Access Account
* Excel Services Unattended Account
* One account per application pool: This is typically three
accounts; SSPAdministration, MySite and your main 'Portal' or
'Intranet'.

BTW: I've only got one MOSS 2007 server, and I may end up with two that
will be stand alone installations, e.g. their own farms.

Tagged:service account questions

7 Answers Found

Answer #1 Answered By: Amrita Durgude Answered On: May 15, 2007

I'm not an administrator but I play one on TV. So, I don't hold any hard
beliefs in this area, but I don't think that you want "One account per
application pool". Generally, each active application pool that you
create consumes at least 100 MB of RAM that grows to accommodate usage.
Unless there is a strict demand for memory/thread affinity, I would use
one common application pool. Also, I don't personally see value in
having all those separate service accounts. But I'm a developer that
generally authenticates as the Administrator and uses Administrator for
all my service accounts. So, what do I know.

Answer #2 Answered By: Maricela Conway Answered On: May 15, 2007

My standard farm install would have 3 app pools,
with 3 distinct accounts:

Farm account (Central Admin App Pool)

SSP Account (Shared Services App Pool)

Community Account (Shared App Pool)

The primary reason, in my mind, for creating additional app pools is to
trap errors introduced by your developers.

Answer #3 Answered By: Vinay Thakur Answered On: May 15, 2007

This section starts with a table of 6 accounts for MOSS (4 for
WSS) that you can pre-create.

Answer #4 Answered By: Shameka Rich Answered On: May 15, 2007

I usually just use 3 accounts... I have been uninstalling and
reinstalling and literally "trying" to break my dev install of MOSS
to document any anomolies that I find, and I've never had a problem
with just the 3. I use svc_spadmin, svc_sqladmin, and svc_test.

Answer #5 Answered By: Micheal Knight Answered On: May 15, 2007

I go the route of being able to trap your developer's
errors within the confines of an application pool.

I usually use the following:

Central Admin
Search
Crawl
SSP

And then for each additional web application, they each get their own.

Overkill? Maybe, but when you've got a horde of customers hitting your
site, you've got to do what's best for them right?

Answer #6 Answered By: Cathy Cameron Answered On: May 15, 2007

"trap your developer's errors"

I guess that's why us devs only need one app pool. We don't make errors.

Answer #7 Answered By: Kerri Steele Answered On: May 15, 2007

Maybe it's more trapping the developers.

Didn't find what you were looking for? Find more on Service Account Questions Or get search suggestion and latest updates.