SharePoint Dev Center >
Sharepoint 2010 - change password for Farm Account

Answered Sharepoint 2010 - change password for Farm Account

  • Sunday, April 08, 2012 2:42 PM
     
     
    Sign In to Vote
    0

    We decided against implementing 'Automatic Password Change' across our Farms, although the time has now come to manually change the Farm Account password following a security breach.

    The idea is to make the password change in AD, then apply the same approach to the relevant Managed Account in Central Admin.(which seems the most simplistic and supported approach)

    Has anyone had any bad experiences or outages when changing the Farm Account password? Just to be clear, I'm only changing the Password, not the identity of the Farm account.

     

All Replies

  • Sunday, April 08, 2012 3:06 PM
     
     
    Sign In to Vote
    0

    Only changing the password ideally should not have any "negative" impact on the farm. However, it would be a nice to check up on the areas where this farm admin (managed account) is used in addition to figure out if any additional care need to be taken.

    I mean there are several deployments where farm admin account is also used as service account for SharePoint , as SQL Service account , as an active application pool account etc.

    Otherwise it should be just fine...

    My SharePoint Blog
    http://www.dhirendrayadav.com

     
  • Monday, April 09, 2012 4:47 AM
     
     
    Sign In to Vote
    0

    You should be fine. The only thing you may want to do is double check the application pools which are under the farm account. I have seen problems where services/sites stopped working after service account password change.

    Little fish 920

     
  • Monday, April 09, 2012 7:18 AM
     
     
    Sign In to Vote
    0

    Adding little bit to Dhirendra's reply

    If you don't have

    1,Multi-farm setup for the SharePoint environment,

    2,Content Deployment approach

    3,Protecting the Network and Domain forest using security/monitoring applications on your SharePoint environment

    then you can manual password change.Otherwise you need to change your farm account password on all these setup manually.

    Murugesa Pandian.,MCTS|App.Devleopment|Configure


     
  • Monday, April 09, 2012 3:42 PM
     
     
    Sign In to Vote
    0
     

    Thanks guys, changing the password was not a problem, the Farm appears to be happy.

    One thing I didn't factor in, was the affect changing the password would have on another Farm which uses the SAME set of service accounts.
    When opening Central Admin on this 'second Farm' I was stopped with the 'Cannot communicate with the Configuration Database' error. Quick fix was to change the identity for the Central Admin application pool in IIS with the new password. Job done.

     
  • Tuesday, April 10, 2012 6:57 AM
     
     Answered
    Sign In to Vote
    0

    As far as if you are  a "Farm Administrator" on all farm,its good to go this manual changes on all server's IIS and domain(s)
    Just think of "Content Deployment Path" which is pointing to another farm [connected with domain forest],there must be mutual domain trust must be enabled.

    Every time if you want to change the "Password" manually you need to ask the other farm administrator to accommodate your changes on their Farm or domain.

    Murugesa Pandian.,MCTS|App.Devleopment|Configure

     
  • Saturday, April 14, 2012 1:14 PM
     
     Answered
    Sign In to Vote
    0

    Please refer to this article: http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=301

    This Article can be thought as a reference for changing passwords for all accounts engaged with SharePoint Implementation (Installation Accounts, Service Accounts....etc.).

    Hamza AlSughier