SharePoint Project Series.

This is a series of blogs I am writing on SharePoint projects:

Part 1 - Design and Planning Part 2 - Implementation (Stage 1) Part 3 - Implementation (Stage 2)
Part 4 - Training Part 5 - Continued Support Part 6 - Suggested Continued Improvement

Thursday, June 18, 2009

Security Service Accounts

For both WSS and MOSS I like to use the least privileged account methodology for all my deployments. This is considered Microsoft best Practice.

Account

Usage

SP_AdminSharePoint set up account, used to install SharePoint. Local administrator on web front end. DB Creator on SQL.
SP_FarmSharePoint Farm service account. DB Creator and Security Admin on SQL. Also used as the Central Admin application pool identity.
SP_WssSearchWSS search Account.
SP_MossSearchMOSS Search service Account.
SP_ContentSharePoint Content Crawl Account.
SP_ProfileUser profile import account.
SP_SSPAppPoolApplication pool identity for Shared Services Provider
SP_PortalAppPoolApplication pool identity for Portal web application.
SP_MyAppPoolApplication pool identity for Mysites web application.
SP_ExcelExcel Services service account.
SP_SSOSingle Sign On service account.

Above is a general guide of what I use when deploying WSS and MOSS environments. Some of the above accounts are not needed for WSS.

No comments: