SharePoint have services that require access to servers in network, it needs a few accounts to use as identity of several its services. For SharePoint Server Farm installation you need a specially configured SETUP account.
THE SETUP ACCOUNT
Setup Account is used to run SharePoint installation and configuration , which it uses to create configuration database, assign the farm account right to own that configuration database. Setup Account is also used to run the SharePoint preparation tool and the configuration wizard. |
Setup Account must have the right to log on locally to the server where SharePoint is installed and also have to permission to install the software and start\stop services. Usually you can create this account on local server and assign to server administrator group. Setup Account must also be assigned special roles on the SQL Server.
Active Directory administrator can create this account in the Domain Admins group. You can follow the below steps to create your self
1. To add the user to Active Directory and add to the Domain Admins group, Open the Active Directory Users and Computers screen by Start –> Administrative Tools –> Active Directory Users and Computers
2. Click the Users node, and then click the Add Users button , In User Dialogue box enter appropriate name in User Logon field and fill other fields as shown in the below picture
3. Click Next and enter a password. Uncheck User must change password option and check password never expire option as shown below
4. Click next and say finish, the account which you have created will be highlighted in the console.
5. To add the setup account to the domain admin group , right-click the user name and select add to a group option from the pop-up menu.
6. In the enter objects names to select field , enter the group name and click check names button. once it finds the name click ok
SERVICE ACCOUNTS
Additional accounts may be required during the configuration of SharePoint in a server farm scenario. In single server, local service or network service accounts will work fine. Domain accounts are required when sharepoint services need to access resources that are not on the local server.
In SharePoint server farm installation you need additional accounts apart from setup account
Farm Account –
This account used by SharePoint servers in farm to access configuration database and run SharePoint specific services. This account added as owner to configuration database in SQL Server. This account is application pool identity for Central Administration and also is the SharePoint Timer service account.
Search Account –
It is the owner of the Search database and it answers search queries. This account needs to be registered as a managed account.
Index Account –
It is the owner of the Search database and also known as content access account. It crawls and indexes SharePoint content. It needs read access on all Search-enabled content databases.
BDC Account –
This account is used by SharePoint to pass data between a user, SharePoint and an external datasource using the BDC service. Often BDC uses farm account as it’s identity.