How to Change SharePoint Farm Account Password using PowerShell?
What is a SharePoint farm account, BTW? Well, the SharePoint farm account is a service account that manages farm services, is used as the application pool identity for Central Administration, used for database access, and used to run the SharePoint Timer service! In certain circumstances, You may have to change the Password of the SharePoint Farm account, such as Security Policies, Account has been compromised, SharePoint Admin left, etc.
How to Change SharePoint Farm Account Password?
Changing the SharePoint farm account’s password is similar to changing any other managed account’s password in SharePoint. As a first step, Identify the SharePoint Farm account (How to Get SharePoint Farm Account), and then you can change the password as follows:
Case 1: Farm Account’s Password is already changed in the Active Directory
If the Farm account’s password is already changed in Active Directory, You’ll have to update the Farm account credentials in SharePoint. We use the STSADM command-line tool to change the Farm account password in SharePoint 2007 days: Stsadm -o updatefarmcredentials -userlogin “Domain\FarmAccount” -Password “Farm-Account-Password”. Starting SharePoint 2010, Farm Account’s credentials can be updated from the SharePoint Central Administration site or using PowerShell.
How to update the farm account credentials through the Central Administration site?
- Go to your SharePoint Central Administration site >> Click on Security >> Configure Managed Accounts.
- Click on the “Edit” icon next to the SharePoint Farm account.
- Tick the “Change password now” check box and set the “Use existing password” option.
- Enter the password (password which is already changed in AD) of the account and click on OK to update the password of the SharePoint farm account.
This updates the farm account password in SharePoint 2016.
Update Farm Account Credentials using PowerShell:
To sync the password change to SharePoint, run this PowerShell script.
#Get the Farm Account
$FarmAccount = Read-Host "Enter the Farm Account in Domain\User Format:"
#Get the changed Password for the farm account
$Password = Read-Host "Enter the changed password for Farm Account" -AsSecureString
#Update the password for farm account
Set-SPManagedAccount -Identity $FarmAccount -ExistingPassword $Password -UseExistingPassword $true
Case 2: Change the password for SharePoint Farm Account
Let’s say you want to change the Farm account’s password to a new password from SharePoint (The password isn’t already changed in Active Directory).
Farm Account Password Change using Central Administration:
- Go to your SharePoint Central Administration site >> Click on Security >> Configure Managed Accounts
- Click on the “Edit” icon next to the SharePoint Farm account.
- Tick the “Change password now” check box and enter the new password by setting the “Set account password to new value” option
- Enter the new password and click OK to change the password of the SharePoint farm account.
Change Farm Account Password using PowerShell
To reset the farm account’s password to a new one, Use the Set-SPManagedAccount cmdlet in this PowerShell script:
#Get the Farm Account
$FarmAccount = Read-Host "Enter the Farm Account in Domain\User Format:"
#Get the changed Password for the farm account
$Password = Read-Host "Enter the New password for Farm Account" -AsSecureString
#Update the password for farm account
Set-SPManagedAccount -Identity $FarmAccount -NewPassword $Password -ConfirmPassword $Password
Additionally, You may have to check in these items, but not limited to (In case, You used the Farm account in these places): User Profile Synchronization Service, Workflow Service Account, any Secure store stored credentials, SQL Server Service account.
Here is my related post on changing SharePoint managed account’s password: How to Change Managed Account’s Password in SharePoint?