We help the world digitalize since 2017

Posts

SP 2019 Service Accounts Planning

Sharing my experiences with Sharepoint was always my intention. Today I finally took the time to write down my thoughts, experiences, and issues I am experiencing as I attempt to build the SP2019 team site from scratch. For the last 11 years, our client has used SharePoint for content management and project management. All team sites were originally implemented on SP 2010, but somewhere around 2014, they decided to migrate content and build our intranet on SP2013. Once again! In a strategic move, only the intranet was carried over to SP2013, while all other sites were left on SP2010. Time Fast forward, Now the client wanted to build one of their sites in SP 2019 as a trial. Pretty exciting to experience SPFX and modern experiences. So here is the system configuration that we are using:

  • Windows 2019 Server
  • SQL Server 2019
  • 80+80 GB hard drive
  • 8 GB RAM
  • SharePoint 2019 (Enterprise License)

Planning Service Accounts

Before we start building our first site collection, let’s have a brief look at different service accounts that needs to be handy beforehand.

What are Service Accounts: For the SharePoint Server to be installed and for the SQL Server to create databases, you need accounts that have certain levels of administrative privileges. This group of accounts should have extensive permission to modify content on the database server and SharePoint farm, and they are exclusively used to manage Configuration DB creation, Content DB creation, SharePoint farm services configuration, and maintenance, etc.

You will need different types of service accounts for different purposes at various levels: Server Farm Level Accounts:

  1. SQL SERVER ACCOUNT: This domain account will be running SQL Server services:
    • MSSQLSERVER
    • SQLSERVERAGENT
  2. FARM ADMINISTRATION SERVICE ACCOUNT: You will use this account to run the SharePoint setup file and configuration wizard. Add this account to the local administrator group. On SQL Server, add this account to the sysadmin role.
  3. FARM SERVICE ACCOUNT: This account will be used for :
  • Application pool identity for SharePoint Central admin website
  • SharePoint timer service
  • SharePoint Administration service

This is a domain account, automatically granted the following permission on SQL Server:

  • db_creator
  • securityadmin
  • securityadmin

Farm Service Account is a domain account that is used to run the following services :

  • SharePoint Timer Service
  • Central Administration application Pool
  • Security Token Application Pool
  • Windows Token Service

Are you planning to set up SP 2019/ SP Online for your organisation? OR looking to migrate existing sites to Cloud?

Contact us at info@digiklug.com for a free quote.

Leave a Reply :

* Your email address will not be published.