Wednesday, August 20, 2014

How to Change Managed Account Password in SharePoint 2013

You may have to change your service account passwords for reasons such as: Password expiration, Security best practice, Your SharePoint guy left your company, etc. Remember those old days? You got to run stsadm -o updatefarmcredentials and update application pool accounts on every server in the farm?

Luckily, we got managed accounts feature starting from SharePoint 2010 onwards. The primary advantage of the managed accounts idea is: To centrally manage service accounts of SharePoint in one place, by registering and mapping them with  SharePoint Services such as: Farm, Service Applications, Application Pools, etc. So, whenever you need to change the service account's password, Update them once!

There are three different cases to change managed account passwords in SharePoint 2013 either from SharePoint Central Administration or using PowerShell.

  1.     Generating new password
  2.     Set account password to new value
  3.     Use existing password - This option lets us updating the account password in SharePoint, if it is changed in Active Directory(or somewhere!)
Change Managed Account Password in SharePoint 2013
Case 1: Change password of the Managed account to a new random password:
If you want the password to be changed to an automatically generated random password, Use the "Generate new password" option.

To reset managed account password SharePoint 2013 with PowerShell:
Set-SPManagedAccount –Identity domain\user -AutoGeneratePassword $true

Case 2: Change Password of the Managed account in SharePoint as well as in AD
If you want to change the service password to a specific value, select the option "Set account password to new value" and enter the new password.

You can change managed account passwords in SharePoint 2010/2013 using PowerShell as:
$ManagedAccount = Read-Host "Enter the Managed account in Domain\User Format:"

#$ManagedAccount = Get-SPManagedAccount -Identity “sharepoint\sa-spcontent”
#Get new Password for the managed account
$Password = Read-Host "Enter new password for managed account" –AsSecureString

#Change the password for the managed account
Set-SPManagedAccount -Identity $ManagedAccount -NewPassword $Password

When you try to change managed account password in SharePoint 2013k, You may get the error:
"Set-SPManagedAccount: The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements"
Apparently, the given password is not satisfying your AD domain's password policy. Just check with your AD admin to get the password policy insights.

Case 3: Update the password of the Managed Account, which is updated in AD:
If you / AD admin has already changed the service password in active directory, you have to update it in SharePoint. Select "Use existing password" option and then enter the password

To update managed account passwords in SharePoint  2013, using PowerShell:
$ManagedAccount = Read-Host "Enter the Managed account in Domain\User Format:"

#Get new Password for the managed account
$Password = Read-Host "Enter new password for managed account" –AsSecureString

#Change the password for the managed account
Set-SPManagedAccount -Identity $ManagedAccount -ExistingPassword $Password -UseExistingPassword $true
If you get access denied error on changing password of managed account in SharePoint 2013 or in SharePoint 2010, one possible reason could be: "User cannot change password" settings.
change managed account password sharepoint 2010



You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


Check out these SharePoint products:

No comments :

Post a Comment

Please Login and comment to get your questions answered!

You might also like:

Related Posts Plugin for WordPress, Blogger...