Account Type | Purpose | Account Name |
MOSS Farm Account | Server Farm Account. This account needs some SQL permissions granting: dbcreator and security admin (do not grant this account SA!). If using ADACM this is the account used for creating objects in the OU specified – so you’ll need to delegate permissions on the OU to this user. | svcMOSSFarm1 |
MOSS App Pool | Identity for any MOSS Web App Application Pool(s). A separate process identity should be used for each content Web App (this allows for greater security and auditing). Using the site name in the account name is not advisable: although this may make troubleshooting and auditing easier, it reduces security by showing the relationship between App Pools and Web Apps. | svcMOSSAppPool1 |
SSP Service Account | SSP service account | svcMOSSSSP1 |
SSP App Pool | Identity for the SSP Web App Application Pool | svcMOSSSSPAppPool1 |
MOSS Search | Account under which the Office SharePoint Server Search service runs. | svcMOSSSearch1 |
MOSS Content Access | Account used to access content sources to be crawled and indexed. This account must be granted permission to any NON-MOSS content sources (e.g. NTFS file share, Exchange public folder, websites etc.). Separate accounts may be configured for access to specific content sources using crawl rules. | svcMOSSCrawl1 |
User profile & Properties Access Account | Account used to access Active Directory for the Profile import | svcMOSSDSA1 |
WSS Search | Account under which the Windows SharePoint Services Search service runs. Because the Office SharePoint Server Search service is running, this will only index the WSS Help files. | svcMOSSWSSSearch1 |
WSS Content Access | Account used by WSS search service to crawl content. | svcMOSSWSSCrawl1 |
MOSS Install Account | Account used to install MOSS and perform all the required configuration changes. As this account will be used to install and configure the SharePoint servers, it must be granted local admin on all farm members and have permissions to the SQL instance. This account can be disabled after installation and configuration is complete (it is not advised to delete it). | svcMOSSInstall1 |
SQL Services | Used to run MS SQL Services | svcSQLSVC1 |
This list is copied from Matt Grove, thanks Matt.
To make the creation of these accounts easy, I have created a VBS script that does the job.
Option Explicit

' =====================================================
' Author:      Magnus Johansson
' Create date: 12.08.2009
' Description: Creates service accounts for the MOSS VPC
' File Name:   CreateMOSSServiceAccounts.vbs
' =====================================================

Dim strComputer

' Set the local computer name
strComputer = "."

' Run the Load method
Load

Sub Load()
    Dim strPassword
    ' One shared password for every account: only suitable for a
    ' throwaway development VPC
    strPassword = "Pa$$word"

    ' Create the service accounts
    CreateUser "svcMOSSFarm1", strPassword, "MOSS Farm Account"
    CreateUser "svcMOSSAppPool1", strPassword, "MOSS App Pool 1"
    CreateUser "svcMOSSAppPool2", strPassword, "MOSS App Pool 2"
    CreateUser "svcMOSSAppPool3", strPassword, "MOSS App Pool 3"
    CreateUser "svcMOSSSSP1", strPassword, "MOSS SSP Service Account"
    CreateUser "svcMOSSSSPAppPool1", strPassword, "MOSS SSP App Pool"
    CreateUser "svcMOSSSearch1", strPassword, "MOSS Search"
    CreateUser "svcMOSSCrawl1", strPassword, "MOSS Content Access"
    CreateUser "svcMOSSDSA1", strPassword, "User profile & Properties Access Account"
    CreateUser "svcMOSSWSSSearch1", strPassword, "WSS Search"
    CreateUser "svcMOSSWSSCrawl1", strPassword, "WSS Content Access"
    CreateUser "svcMOSSInstall1", strPassword, "MOSS Install Account"
    CreateUser "svcSQLSVC1", strPassword, "SQL Services SQL Server"
    CreateUser "svcSQLRS1", strPassword, "SQL Services SQL Reporting Services"
    CreateUser "svcSQLAS1", strPassword, "SQL Services SQL Analysis Services"

    MsgBox "Complete!"
End Sub

' Create the local user
Sub CreateUser(userName, password, description)
    Dim objComputer
    Dim objUser

    ' Check to see if the user exists; if so, then skip
    If Not CheckIfUserExists(userName) Then
        Set objComputer = GetObject("WinNT://" & strComputer & "")
        Set objUser = objComputer.Create("user", userName)
        objUser.SetPassword password
        objUser.FullName = userName
        objUser.Description = description
        ' 65600 = &H10000 (Password Never Expires) + &H40 (User Can't Change Password)
        objUser.Put "UserFlags", 65600
        objUser.SetInfo
    Else
        MsgBox userName & " already exists!"
    End If
End Sub

' Check to see if user exists
Function CheckIfUserExists(userName)
    Dim objComputer
    Dim intFound
    Dim User

    ' Enumerate only the user objects on the local computer
    Set objComputer = GetObject("WinNT://" & strComputer & "")
    objComputer.Filter = Array("user")
    intFound = 0

    ' Compare names case-insensitively
    For Each User In objComputer
        If LCase(User.Name) = LCase(userName) Then
            intFound = 1
        End If
    Next

    If intFound = 1 Then
        CheckIfUserExists = True
    Else
        CheckIfUserExists = False
    End If
End Function
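A read-only check to run once the accounts exist, as an added example that is not part of the original post: it reports which of the created accounts are disabled, have a non-expiring password, or sit in the local Administrators group, which the table calls for only on the install account. It assumes an English-language Windows (group name Administrators) and is meant to be run with cscript so the output goes to the console.

```vbscript
Option Explicit
' Added example, not part of the original script. Read-only audit of the local
' accounts created above. Assumes the local group is named "Administrators".
Const ADS_UF_ACCOUNTDISABLE = &H2
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000
Const INSTALL_ACCOUNT = "svcMOSSInstall1"

Dim strComputer, arrAccounts, dictAdmins, objAdmins, objMember
Dim strName, objUser, lngFlags, strLine
strComputer = "."
arrAccounts = Array("svcMOSSFarm1", "svcMOSSAppPool1", "svcMOSSAppPool2", _
    "svcMOSSAppPool3", "svcMOSSSSP1", "svcMOSSSSPAppPool1", "svcMOSSSearch1", _
    "svcMOSSCrawl1", "svcMOSSDSA1", "svcMOSSWSSSearch1", "svcMOSSWSSCrawl1", _
    "svcMOSSInstall1", "svcSQLSVC1", "svcSQLRS1", "svcSQLAS1")

' Collect direct members of the local Administrators group (nested groups are
' not expanded), keyed case-insensitively by account name.
Set dictAdmins = CreateObject("Scripting.Dictionary")
dictAdmins.CompareMode = vbTextCompare
Set objAdmins = GetObject("WinNT://" & strComputer & "/Administrators,group")
For Each objMember In objAdmins.Members
    dictAdmins(objMember.Name) = True
Next

For Each strName In arrAccounts
    Set objUser = Nothing
    On Error Resume Next    ' GetObject raises an error if the account is missing
    Set objUser = GetObject("WinNT://" & strComputer & "/" & strName & ",user")
    On Error GoTo 0
    If objUser Is Nothing Then
        WScript.Echo strName & ": not found"
    Else
        lngFlags = objUser.Get("UserFlags")
        strLine = strName & ":"
        If (lngFlags And ADS_UF_ACCOUNTDISABLE) <> 0 Then strLine = strLine & " disabled;"
        If (lngFlags And ADS_UF_DONT_EXPIRE_PASSWD) <> 0 Then
            strLine = strLine & " password never expires (rotate manually);"
        End If
        If dictAdmins.Exists(strName) Then
            If StrComp(strName, INSTALL_ACCOUNT, vbTextCompare) <> 0 Then
                strLine = strLine & " REVIEW: local admin (table asks this only of the install account);"
            ElseIf (lngFlags And ADS_UF_ACCOUNTDISABLE) = 0 Then
                strLine = strLine & " REVIEW: install account still enabled with local admin;"
            End If
        End If
        WScript.Echo strLine
    End If
Next
```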
Then, follow a guide to install a complete MOSS setup.