Sharepoint 2010 password changes with Powershell. Relief from stsadm.
For operation engineers who are experienced with Sharepoint 2007 know the old stsadm process to change passwords https://support.microsoft.com/kb/934838 is cumbersome . Sharepoint 2010 is here with powershell integration making it easy to change the passwords for sharepoint managed accounts whose passwords are not set to change automatically when nearing expiration. I use powershell end to end to
1) Change the password in AD for service account.
2) Update the password for the service accounts in the sharepoint 2010 farm .
Here is a quick run through
Change the password in AD for service account.
I assume you can log on to a windows 2008 r2 server in domain where service account exists , you have rights to change the password for the service account. I am using a fictitious account by the name _svc_acct for this scenario
a) After logging into a server in account domain launch powershell
b ) Load the AD module
import-module activedirectory
c) Assign the account name to a variable
$account="_svc_acct"
d) set the password ( please note this as we will be using this in the next section)
Set-ADAccountPassword -Identity $account -OldPassword (ConvertTo-SecureString -AsPlainText "xxxx" -Force) -NewPassword (ConvertTo-SecureString -AsPlainText "xxxxx" -Force)
e) Check for successful update of the password updation ( out put should show recent tiem stamp)
Get-ADUser $account -properties * | select PasswordLastSet
For engineers who do not have windows 2008 r2 machines , you can always change password through your normal process.
Update the password for the service accounts in the sharepoint 2010 farm .
a) Log on to the CA in the Farm, launch powershell. Assign the new password from step d in the above section to a variable also store the account to a variable
$account="_svc_acct"
$securepassword=convertto-securestring "xxxxx" -asplaintext -force
b) Retrieve the Sp managed account and pipeline it to the set-spmangedaccount cmdlet
Get-SPManagedAccount Domain\$account | Set-SPManagedAccount -ExistingPassword $securepassword -UseExistingPassword -confirm:$false
Guys tell me this is easy !!
Comments
Anonymous
January 01, 2003
I have used this multiple times for farm admin, webapp, search accounts with no issues. If you still have issues you can always use stsadm and should work.Anonymous
December 03, 2010
I have a multi-server farm environment with SharePoint 2010, FAST Search Server 2010 and I have the Farm Admin Account and other accounts for runnng various other services. I am yet to try your post for changing the farm admin password, but after doing this, I hope Central Admin opens. What about the other accounts? I have changed the following account passwords: SPFarm, SPCMS, SPServices, SPFast. How do I handle or set their new passwords?Anonymous
October 24, 2011
Hello SmartSE, The current farm admin account has expired in the SP2010. The fact is the password of the farm admin is system generated. Will this steps be fine to update the password?
- Manually change password of farm admin in the AD.
- Run stsadmin -o updatefarmcredentials -userlogin -password -local in the Hive 14's bin folder.
- iisrest. Will the steps above resolve the database issue of SQL database login for 'SharePoint2010_Config' on instance '<database server>' failed. Additional error information from SQL Server is included below. Login failed for user '<domain><web server>$'. Please help!
Anonymous
October 24, 2011
I notice that when I run the SP Configuration wizard I get the message that I (the farm admin) do not have the enough permission to access the server farm or the database server hosting the server farm is unresponsive or the configuration database is inaccessible or the server that hosts the current SP has been removed from the server farm. Is this indeed due to the farm admin account password expiry? What to do?Anonymous
July 03, 2013
Thanks for this post. it is useful. Can i use the same method for project server too?