Tuesday, July 12, 2011

Managed Accounts in SharePoint 2010

SharePoint 2010 introduced a new concept called Managed Accounts. Now in SharePoint 2010, administrators can register a managed account which will be used by the farm or specific web applications.
The advantage of using the Managed account is that
1. Managing the account is easier. Can be done at one place using Central Admin.
2. Password changes can be automated.
3. Emails can be sent when the password is about to expire.

To register a new managed account, go to central admin->Security->Configrue Managed Accounts

The admin can specify the settings and register a new managed account using the above UI.
Next time a new web application is created, the admin can select this managed account instead of typing the id and password for the service account.
So when the password has to be changed for the managed account, the admin can go to the list of managed accounts, edit it and change the password. Even better, the admin can configure automatic password change for this managed account to keep it more secure.
This is much easier to do unlike the previous versions where the admin has to change the password wherever the account was used.

1 comment: