Wikis - Page Details

First published by Margriet Bruggeman (Microsoft Partner)
When: 20 Nov 2012 2:48 AM
Last revision by Ed Price - MSFT (Microsoft)
When: 16 Apr 2013 2:38 PM
Revisions: 18
Comments: 16

Options

Can You Improve This Article?

Positively! Click Sign In to add the tip, solution, correction or comment that will help other users.

Report inappropriate content using these instructions.

SharePoint 2013 Best Practices: Service Accounts

Service Account Overview
SQL_Service
SP_EnterpriseAdmin

For a SharePoint installation, this page recommends the following best practices and naming conventions for service accounts:

Service Account Overview

SQL_Service, for the SQL Server service.
SQL_Admin, for the SQL Server administrator.
SP_Admin, for the SharePoint administrator and setup user.
SP_Farm, for the SharePoint farm service.
SP_WebApps, for the user-facing web application app pool.
SP_ServiceApps, for the service application app pool.
SP_Crawl, default content access account.
SP_UserSync, user profile synchronization account.
SP_EnterpriseAdmin, powerful account for handling all kinds of high privilge operations.
Farm administrators, normal admin user accounts are used as SharePoint Farm Administrators.

SQL_Service

This account should be used for running SQL Server engine and SQL Server Agent. Create inside Service Manage Accounts Container inside AD to keep it controlled. Have the following characteristics:

Belongs to the Users Domain Group.

Use only for this two SQL services, if installed more (what you should do) keep the service accounts suggested by the installation program..

SP_EnterpriseAdmin

This account is needed for performing high privilege jobs and (such as installing fixes, upgrades, etc.). It needs to have the following permissions:

Either SQL Administrator or db_owner of all SharePoint databases.
Local administrator of each SharePoint server.
Member of Farm Administrators group.

See http://social.technet.microsoft.com/wiki/contents/articles/12438.sharepoint-2013-best-practices.aspx for more information.

Please Note This page is a community driven effort and is open for update. Originally, it was based on the work of Dan Holme (http://www.sharepointpromag.com/author/5052626/DanHolme).

best practices, en-US, has comment, has comments, Has TOC, Margriet Bruggeman, SharePoint, SharePoint 2013

| |

Comments

Serhad MAKBULOĞLU

20 Nov 2012 4:14 AM

Thanks.
Margriet Bruggeman

20 Nov 2012 6:28 AM

Hi Serhad,

What a fast response, I just started creating the thing!
Gill Dotan

10 Dec 2012 5:15 AM

I think a srvsvc account also should be added

all win services should be run with it like search, doc convert and so on.
Ramiro Gomez de la Cruz

15 Dec 2012 11:24 AM

Thanks
Jussi_Palo

20 Dec 2012 12:30 AM

What about Search service?
Vlad Catrinescu

3 Feb 2013 5:13 AM

Hi,

I did an article about this on Nothing but sharepoint. I am posting the link not to make publicity for it, but to get opinions from the community and make the article better.

www.nothingbutsharepoint.com/.../SharePoint-2013-Service-Accounts-Best-Practices-Explained.aspx
Vlad Catrinescu

3 Feb 2013 5:13 AM

Hi,

I did an article about this on Nothing but sharepoint. I am posting the link not to make publicity for it, but to get opinions from the community and make the article better.

www.nothingbutsharepoint.com/.../SharePoint-2013-Service-Accounts-Best-Practices-Explained.aspx

SharePoint 2013 Best Practices: Service Accounts

SharePoint 2013 Best Practices: Service Accounts

Table of Contents

Service Account Overview

SQL_Service

SP_EnterpriseAdmin

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support by product

Other support links

Not an IT pro?