locked
HELP!!! WSS 3.0 service account no longer active and needs to be changed RRS feed

  • Question

  • All, I am very new to this and am stumbling as I go - dropped in my lap to find a fix.

    Scenario: Previous employee installed Project Server 2007 and used their domain id to setup Sharepoint services initially.  Employee no longer employed with the company and therefore their domain id has been disable and all of their previous access revoked – have no idea what they had access to or to what level.

    Problem: /pwa and central administration displays “Service Unavailable”.  Sharepoint services are set to use the users domain account to run (and fail due to login failure).

    Solution: need to replace users domain account with a service account that I’ve had setup, least we have to go through this exercise again.

    Dilemma: have no idea how to accomplish statement above.

    Current steps taken: Through some internet research I’ve attempted a few things which I’m sure have made the situation worse.

    1. Change services to run with new service account through services properties “Log On” tab
    2. Disconnected from server farm with sharepoint products and tech config wizard since current config no longer worked
    3. Attempted to reconnect to server farm using new credentials – entered sql server name but login failed
    4. Added service account to sql server with access rights as mirrored from former employees (id was still listed in sql server login id’s).
    5. Attempted to reconnect to server farm using new credentials – wizard tool found the established config database but rejected the new domain id stating that I had to either use the id in which the config database was created with or choose a different database name

    Is there any way of changing the domain id used to setup the environment to a domain service account that I’ve had created without having to recreate the environment from scratch?

    Any help with this would be extremely appreciated as my users have been without the application for almost 3 weeks now.

    Thursday, June 21, 2012 12:19 AM

All replies

  • Active Directory doesn't immediately delete user objects. If the account hasn't been deleted for long I would suggest restoring the account (or restoring from a backup).

    Jason Warren
    Infrastructure Specialist

    Thursday, June 21, 2012 1:24 AM
  • Hi,

    The other option will be to execute STSADM migrate user and use their ID in oldLogin and  the new service account as newLogin.

    I hope this will help you out.


    Thanks, Rahul Rashu

    Thursday, June 21, 2012 1:53 AM
  • Thanks for the reply guys...

    Jason, that's actually one of the options we are looking at since the account itself hasn't actually been deleted.  When an employee leaves the company the account is disabled, renamed, and stripped of all it's access rights.  So theoratically we should be able to rename it back to it's orignal settings, but we will still need to change the database access account to the service account.  Maybe we can try Rahul's suggestion in conjunction to accomplish our goal.

    I'll give it a shot and let you know how it turns out.
    Thursday, June 21, 2012 5:25 PM
  • Hello Ernie Marin,

    Please follw the below KB article which talks about

    How to change service accounts and service account passwords in SharePoint Server 2007 and in Windows SharePoint Services 3.0

    http://support.microsoft.com/kb/934838

    http://blogs.technet.com/b/seanearp/archive/2011/01/25/updating-passwords-on-sharepoint-2010.aspx

    Regards,

    Veera

    Friday, June 22, 2012 8:00 AM
  • Thanks.

    This has been a very interesting and exhaustive exercise... but kinda fun... :)

    I'm still working the issue and will reply back once I've got it iron'd out...

    Really appreciate everyone's assistance.

    Friday, June 22, 2012 8:34 PM
  • Hi Ernie Marin,

    Any update on the above action , was the issue fixed?

    Regards,

    Veera

    Friday, November 2, 2012 5:13 AM