Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

SP2010...install with someone other than FARM account....

  Asked By: Ruchir    Date: Mar 22    Category: Sharepoint    Views: 2046

I was in the process of installing SP on a new WFE and, I forgot to use the
FARM account for the install. Things seem to be fine but, have I introduced any
possible problems that may come back to bite me later? I recall how under 2007
everyone advised you to install with the FARM account on all servers. Does this
still hold? Should I reformat and install again?



2 Answers Found

Answer #1    Answered By: Iris Ballard     Answered On: Mar 22

According to the SPC09, this issue was resolved by supplying some kind of
farm level pass phrase. The actually probably has to do with the
installation account  not being available at some point in the future,
prevent certain actions from taking place because of some sort of encryption
used that is somehow related to the sid of the installation account.

Answer #2    Answered By: Jamila Guthrie     Answered On: Mar 22

The issue in SharePoint 2007 was if you installed SharePoint as an account  that
was not used by SharePoint for anything else, then deleted that account or
changed its password. For instance, if I was logged in as contoso\todd when I
installed SharePoint (more specifically when I ran the configuration wizard and
created the config DB) and then I changed my password it's likely you wouldn't
be able to add or remove any machines to or from that farm. The password of the
account that creates the config db is used as a hash for some encryption used by
your farm. If that password gets changed out from under SharePoint, well,
hilarity ensues. When a machine tries to get in or out of the farm, if it
doesn't have the right hash, SharePoint gets very upset.

You will not have this problem if you are logged in as one of your SharePoint
service accounts, like contoso\spfarm, when you create your config db. In that
example if you change contoso\spfarm's password you have to use STSADM to tell
SharePoint about the password so your app pools will run, or your timer job
service will start, or whatever is using contoso\spfarm. When you do that,
SharePoint also updates that encryption hash with the new password, so all is

Alex is right, SharePoint 2010 is immune to this because of the new Farm
Passphrase. It's used to generate the encryption hash instead of the
installation account's password.

Didn't find what you were looking for? Find more on SP2010...install with someone other than FARM account.... Or get search suggestion and latest updates.