Admnistrative & Service Accounts for Windows SharePoint Services 3.0 (WSS) & Microsoft Office SharePoint Server 2007

jpalmer — Wed, 16 Jan 2008 14:19:24 GMT

Throughout my career working with Microsoft products and technologies, I've often been asked about best practices for the configuration of administrative and service accounts. Carefully planning your administrative and service account strategy can help you deploy a more secure environment by ensuring that you follow the principle of "least privilege". This means that you want your service accounts to have the least amount of access required to do its job and nothing more. So don't use domain/administrator for all of your service/administrative accounts!

Some excellent background reading is the Services and Service Accounts Security Planning Guide over at TechNet.

To find out which administrative and service accounts are required for WSS, their purpose and required rights, you can use the Windows SharePoint Services security account requirements planning tool along with the related TechNet article. There is a similar planning tool for Microsoft Office SharePoint Server and, again, a TechNet article.

Hopefully these tools and articles will help demystify what administrative and service accounts you need to help you secure your SharePoint deployment!

Jeremy's World of Random Stuff : Security

Admnistrative & Service Accounts for Windows SharePoint Services 3.0 (WSS) & Microsoft Office SharePoint Server 2007