Alexander's Blog

Sharing knowledge with the global IT community since November 1, 2004

How to Change Service Accounts and Service Passwords in MOSS 2007 & WSS 3.0

By
/
On December 3, 2008
/
ad-mania

Microsoft has the following information documented in KB article 934838.

To change the passwords for service accounts in SharePoint Server 2007 and in Windows SharePoint Services 3.0, follow these steps.

Note If the SQL Server service uses a domain account, and the password for that domain account is either expired or invalid, make sure that you update the password for the domain account before you perform this procedure.

  1. Update the password for the account that is used by the Central Administration application pool. To do this, follow these steps:
    1. On all servers in the server farm, open a command prompt, type the following line, and then press ENTER:
      cd %commonprogramfiles%\Microsoft Shared\Web server extensions\12\Bin
    2. On the server that hosts the Central Administration Web site, type the following line at the command prompt, and then press ENTER:
      stsadm -o updatefarmcredentials -userlogin DomainName\UserName -password NewPassword
    3. On all other servers in the server farm, type the following line at the command prompt, and then press ENTER:
      stsadm -o updatefarmcredentials -userlogin DomainName\UserName -password NewPassword -local
    4. Restart Microsoft Internet Information Services (IIS) 6.0. To do this, type the following line at the command prompt, and then press ENTER:
      iisreset /noforce
  2. Verify that the Administration Application Pool Credential Deployment job definition is no longer displayed on the Timer Job Definitions page of SharePoint 3.0 Central Administration. To do this, follow these steps:
    1. Open SharePoint 3.0 Central Administration, click Operations, and then click Timer job definitions under Global Configuration.
    2. Verify that the Administration Application Pool Credential Deployment job definition is no longer displayed in the list.Note If the Administration Application Pool Credential Deployment job definition is displayed in the list, wait until it disappears from the list.
  3. Update the password for the application pool account that is used by Web applications on the server farm. To do this, type the following line at a command prompt on every server on the server farm, and then press ENTER:
    stsadm -o updateaccountpassword -userlogin DomainName\UserName -password NewPassword -noadmin
  4. Update the password for the account that is used to run the Windows SharePoint Services Help Search service. To do this, type the following line at a command prompt on every server on the server farm, and then press ENTER:
    stsadm.exe -o spsearch -farmserviceaccount DomainName\UserName -farmservicepassword NewPassword
  5. Update the password for the default content access account that is used by the Windows SharePoint Services Help Search service. To do this, type the following line at a command prompt on every server on the server farm, and then press ENTER:
    stsadm.exe -o spsearch -farmcontentaccessaccount DomainName\UserName -farmcontentaccesspassword NewPassword
  6. If you are running SharePoint Server 2007, you must also follow these steps:
    1. Update the password for the account that is used by every Shared Services Provider (SSP) on the server farm. To do this, type the following line at a command prompt on every server on the server farm, and then press ENTER:
      stsadm.exe -o editssp -title SharedServicesProviderName -ssplogin DomainName\UserName -ssppassword NewPassword
    2. Update the password for the account that is used to run the Office SharePoint Server Search service. To do this, type the following line at the command prompt, and then press ENTER:
      stsadm.exe -o osearch -farmserviceaccount DomainName\UserName -farmservicepassword NewPassword
    3. If the server farm is configured to use single sign-on, update the password for the account that is used by the Microsoft Single Sign-On Service. To do this, follow these steps:
      1. Click Operations in SharePoint 3.0 Central Administration, and then click Service accounts under Security Configuration.
      2. Under Windows service, click Single Sign-On Service.
      3. Under Configurable, specify the password, and then click OK.
    4. Update the password for the default content access account that is used by the Office SharePoint Server Search service. To do this, follow these steps:
      1. Open SharePoint 3.0 Central Administration, and then click the link to the SSP Web application under Shared Services Administration.
      2. Under Search, click Search settings, and then click Default content access account.
      3. Specify the password to use for the content access account, and then click OK.

The KB article 934838 also has a script listed that automates changing of the passwords.

How to update the SharePoint Server 2007 password when SharePoint Server 2007 is installed in a least-privileges configuration

Method 1: Start the SPAdmin service

Start the SPAdmin service on all computers in the farm before you update the password. Stop the service when the operation is complete.

Method 2: Add the database access account to the local administrators group

Add the database access account to the local administrators group of each computer in the farm that has an online search instance. Log on by using that account, and then update the password by using the stsadm command.

When this operation is complete, remove the database access account from the local administrators group of each computer.

Print đź–¨
  • Facebook
  • Twitter
  • Linkedin
You May Also Like

1 Comments

  1. I have used this site several times, but specifically had to use it today to address an issue that happened during my training class. Thank you so much for giving me this info. I followed it step by step, and it worked!

Leave a Comment

Your email address will not be published. Required fields are marked *

This div height required for enabling the sticky sidebar