Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

SQL Server accounts

  Asked By: R    Date: Oct 21    Category: Sharepoint    Views: 823

We're on pace to roll out SPS and WSS 2003 to our entire
organization hopefully by the end of the month (it's about time).
While we've been doing testing, one thing that hasn't crossed my
mind so much until now is the accounts that should be set up in SQL
Server. We have a number of people using SharePoint at the moment,
about 8 or 10, for our SharePoint project team and a few other
testers/developers. They are all users of the portal and a few
sites. But we only have two users defined on each
SharePoint database in SQL Server, both users being in the config
database, and in all the content databases. These users are dbo,
and our SharePoint administrator domain account (this is a domain
admin). We also have a few logins for administrative accounts.

Would it be wise to add everyone else in the organization to the
content database (or any more logins to the SQL Server), or should I
leave it like it is, since most of the security is on the SharePoint
end? Are there any potential issues for either approach?



5 Answers Found

Answer #1    Answered By: Jagjit Phutane     Answered On: Oct 21

Access to the SQL databases is done through a "technical" user that you should
define in your Windows domain as "Configuration database access account". I
recommend you use the same account as Portal Site Application Pool Identity. You
must give that account the Database Creator and Security Administrator roles on
your SQL server. Access to the DBs is done through that account and you only
have to manage user security at the portal and subsites level.
Look at the administrator guide for more info on installing a SPS 2003 farm. It
will give you the list of pre-installation operations (including technical user
definitions and role assignment).

Answer #2    Answered By: Janak Jadeja     Answered On: Oct 21

You only need one user for SharePoint in you SQL server  DB. Whatever
user ID(s) you setup in the Server Farm Account Settings needs to
have Database Creator and Security Administrator rights on the SQL
server databases.
It is not needed (or advised) to add your user's IDs to SQL Server.

Answer #3    Answered By: Jude Alston     Answered On: Oct 21

I was a little unclear in the first sentence... I meant "define a technical
account in your Windows domain and set it as Configuration database access
account during SPS configuration (which you perform right after SPS software

Answer #4    Answered By: Araceli Eaton     Answered On: Oct 21

I had a feeling that I was basically on the right track...though at
the moment we currently have two separate accounts  for the Config.
DB Admin account and the Application Pool Identity (one being our
designated SQL server  admin account on our domain, and the other
being our dedicated SharePoint admin account). Tomorrow we will be
wiping out and reconfiguring the OS's on each of the three servers
on our farm (all will have Windows 2003 Server), so I will go over
you guys' suggestions, look through the SPS Admin Guide again and
see what happens.

It's nice to know that most of the security is dealt with from the
SharePoint end of things, though it almost seems too easy...

Answer #5    Answered By: Nisarg Kapadia     Answered On: Oct 21

Please be aware incase if the service account gets
locked [when you mis type the pwd more than 3 times]
you will have to face the unavailability of sharepoint
for atleast less than a hr. so, please be extra
careful while configuring the no. of db & service
accounts and their respective pwd.

Didn't find what you were looking for? Find more on SQL Server accounts Or get search suggestion and latest updates.

Related Topics:



Related Post