Thursday 9 September 2010

SPAutoinstaller accounts

Change the setup.xml file to use 5 accounts:
  1. SP-Install - domain account with admin local rights on each WFE also need SQL dbcreator and dbsecurity roles (used to login and install binaries, use this account for add new servers to the farm);
  2. SP-Farm - domain account no permissions, will be the account to run timer job and other key roles;
  3. SP-Web-App-Pool - Content Web app account - Domain account only;
  4. SP-Services - Install all services to use the same domain account, this can be seperate for each services but for easy of setup and mainentance use 1 account. Exception is the User Profiles service, setup seperately using Spence Harbors post as the user domain account needs unique security, and
  5. SP-Crawl - Used to crawl SP content.
6th SP-SQL - Domain user account with no prividges used to start the SQL service (recommended) can use local/builin accounts but for Reporting services, and other advanced functionality need a domain account.
 
7th account should be used for User Profiles called SP-Service-UP.  This is a complex issue and needs full review don't try install this blindly hoping it will work.

References
Todd Klindt's Blog
Todd's netcast 49 about installation (specifically install accounts, user profile services and an SP2010 internet version enterprices edition licence bug).
Liam Cleary's list of SharePoint 2010 Service Accounts

3 comments:

Nigel said...

Can you post an example of your XML file?

Paul Beck said...

Hi Nigel,

Here is an example of the setinputs.xml used by Brian Lala's SP2010 AutoSPIntaller. http://www.sharepointsite.co.uk/download/SetInputs.xml

regards, paul

NL12143.AO said...

Is it possible to give us your (Paul's) SetInputs.xml containing the accounts stated ?

This is good info but not clearly given :-(
Again making it difficult to use PS for SP.

"Change the setup.xml file to use 5 accounts: "

You mean the SetInputs.xml file by Brian Lala on codeplex, reference http://autospinstaller.codeplex.com/releases/view/44442

The link given for the example is the default. Not containing the accounts stated in this blog.

demo\demo_acc_farm_p
Should be SP-Farm

demo\demo_acc_web_app
should be SP-Web-App-Pool

demo\demo_acc_sql_p should be SP-SQL

Account="demo\demo_acc_search"
should be SP-Services or SP-Search

Post a Comment