How to Change the Default Content Access Account in SharePoint 2016 Search?
Once we complete creating Search Service Application, The next step is configuring the default content access account that Crawl Component uses to crawl the content sources like SharePoint content. This crawl account will have read access to all your search content sources, such as SharePoint Web Applications.
Set default content access account
You can change the search crawl account from SharePoint Central Administration as:
- SharePoint Central Admin >> Application Management >> Manage Service applications.
- From the service applications list, Select the Search service application.
- On the Search Administration page, click on the account already configured for the default content access account.
- Provide the new crawl account user name and password.
The content access account should be a regular domain account. We shouldn’t use the SharePoint setup or farm administrator accounts for crawling content as it would cause security trimming errors.
PowerShell to Change Search Crawl Account in SharePoint 2016:
If you want to change the default content access account for SharePoint 2016 search service application using PowerShell, use this script:
Add-PSSnapin Microsoft.SharePoint.Powershell -ErrorAction SilentlyContinue
#Set Default content access account
$AccountID = "Crescent\SP16_Crawl"
$Password = Read-Host -AsSecureString
#Get Search service application
$SearchInstance = Get-SPEnterpriseSearchServiceApplication
#Set default content access account for crawl
Set-SPEnterpriseSearchServiceApplication -Identity $SearchInstance -DefaultContentAccessAccountName $AccountID -DefaultContentAccessAccountPassword $Password
Default content access account’s permission:
When you change your Search Crawling Account, SharePoint automatically creates a web application policy with “Full Read” permissions on all Web applications!
