locked
Managing SharePoint service accounts RRS feed

  • Question

  • We currently have two SharePoint 2010 environments.   One is for internal users.   The other is its own separate farm for external SharePoint users.     Should we look into creating separate service accounts to manage this environment or is it ok to use the farm admin, search service accounts that we used for the internal SharePoint?     Anyone here managing two separate environments that want to chime in?   thanks!
    Monday, December 13, 2010 3:27 PM

Answers

  • The real question is: Do you really want two farms to go down when the account gets locked out or the password gets changed and the servrices are not updated correctly?

    The answer should be no way, so I would recomend that you have seperate accounts for each farm, the rule here is to run least priviledge which does not just mean less security but also means accounts for the specific services.

    Liam

    • Marked as answer by XRS Tuesday, December 14, 2010 11:45 AM
    Monday, December 13, 2010 3:32 PM

All replies

  • The real question is: Do you really want two farms to go down when the account gets locked out or the password gets changed and the servrices are not updated correctly?

    The answer should be no way, so I would recomend that you have seperate accounts for each farm, the rule here is to run least priviledge which does not just mean less security but also means accounts for the specific services.

    Liam

    • Marked as answer by XRS Tuesday, December 14, 2010 11:45 AM
    Monday, December 13, 2010 3:32 PM
  • this is a most excellent point.   thank you. 
    Tuesday, December 14, 2010 11:45 AM