Home > SharePoint > Just another SharePoint VM–Part 2–Setting up the service accounts

Just another SharePoint VM–Part 2–Setting up the service accounts

If you have not already checked it out, the installation and configuration of Windows Server 2012 on a new VM has been published in Part 1. We shall now progress on to setting up required service accounts before going on to install other software components and prerequisites for SharePoint.

When you install SharePoint, it is recommended that you create service accounts as which each of the several services – not only those of SharePoint but also those of SQL Server – may run. For SharePoint 2013, the required service accounts are enumerated in this TechNet guidance.

In order to create these service accounts, we’ll use the Active Directory Users and Computers tile on the Start Menu shown below:


When in the management console, expand the local domain, right click on the "Managed Service Accounts" branch and drill down the "New" option to create a new "User".


The first one we’ll create is a service account to run the SQL Server service as:


The following settings relating to the password policy are what I typically use to ensure that service account passwords do NOT expire and cause the services to stop unannounced.


Follow this up with a few more accounts:

1. To use as the SharePoint setup user – the low privilege account that we shall install SharePoint as – we shall call this "SP Setup"

2. For the farm account – the one that SharePoint application pool is going to use – we shall call this "SP Service"

3. The account using which to run the service applications after installing SharePoint – we shall call this "SP Services"

When done, you should have the following:


Next we need to add the SharePoint setup service account – known as SP Setup above to the local Administrators group on this server. To do this, right click on the user and choose "Properties". Go to the "Member Of" tab and click on the "Add…" button. In the "Select Groups" dialog, type "Administrators" into the object names to select box and click on "Check Names" to resolve it.


Click on "OK" on the "Select Groups" dialog to see the group added to the list of those that the user is a member of. Click "OK" on the Properties dialog to complete. After we have completed installing SQL Server 2012 on the machine, we will need to add a login to SQL Server for this user and add them to a couple of roles – securityadmin, dbcreator and db_owner.

NOTE: The documentation says you only need the db_owner role if you run powershell cmdlets using this account that affect the database which I usually do require.

NOTE: We do not do any of this for the SharePoint Farm account – known above as SP Service – because during SharePoint Configuration, this account should automatically be given the required database privileges.

We can now progress on to installation of SQL Server 2012 and SharePoint 2013.

Read about installing and configuring SQL Server 2012 in readiness for SharePoint 2013 in Part 3.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: