Below is a table which lists down the service accounts
and their roles in a mid-size SharePoint farm.
This is just my personal recommendations based on my
experience and the requirements my farm had. Based on the SharePoint features
you use, you can have additional service accounts. You can run a farm with one service
account also. But that would not be a Microsoft recommended practice.
Account Name
|
Role
|
Permissions needed
|
SP_SETUP
|
Setup Account. This account will be
used to install SharePoint binaries
|
SharePoint Server : Local
administrator on all SharePoint servers
SQL Server : dbcreator and securityadmin
|
SP_FARM
|
Farm account. This account will be
used for Windows Timer Service, Central Admin etc.
|
SharePoint Server : Local
administrator on all SharePoint servers
|
SP_WEB
|
This account will be used Application
pool ID for web applications
|
|
SP_APP
|
This account will be used
Application pool ID for service applications
|
|
SP_SRCH
|
This account will be used
Application pool ID for Search Service application
|
|
SP_CRWL
|
This account will be used as
Search Crawl account
|
|
SP_SUSR
|
This account will be used SharePoint
Portal Super User account
|
Web application Policy : Full Control
|
SP_SRDR
|
This account will be used SharePoint
Portal Super Reader account
|
Web application Policy : Full read
|
SP_UPS
|
This account will be used as User
Profile services account
|
Must have Replicating Directory
Changes permissions to AD
|
Posts
No comments:
Post a Comment