Monday, March 3, 2014

Changing SharePoint Admin Account Password

The scenario I'm blogging today is common for both SP 2010 & SP 2013. Also you can find so many blog posts written about changing SharePoint admin account password or changing SharePoint Service account password. One of the bests is from Todd Klindt which you can find here.
But what if you use the same admin user in two farms in two different geographical locations. Assume, we have two farms, one in US and another in Singapore two directory servers enabled with AD Sync. Your requirement is to change the password of the SharePoint Setup admin (SP_Admin) which is a managed user that has been used both in US farm and the farm in Singapore to setup SharePoint.

First you need to log in to one of the farms, go to central admin > Security > Config Managed Accounts. There you select the user, edit the settings and change the password of the user. Simple as that. :)
But what about the other farm? Same process won't work as you have already changed the password of the same user.

Log in to the second farm, fire up SharePoint PowerShell window with admin privileges. Type the cmdlet given below.
Set-SPManagedAccount -UseExistingPassword -Identity YourDomain\SP_Admin
This will save your day. But let's look into what goes behind.

SharePoint saves all Managed user passwords in config database. So when we change it in the first farm it saves the new password in the config database. But now considering the second farm, it still have the old password saved in the database. If you try to add a new password, SharePoint will compare the existing saved password with the current password (which we changed in the first farm) of the user and will not allow you to change the password from the second server.
So the easiest option available is to ask SharePoint to save and use the existing password of the user.
Hope this helps :)