Service Accounts required in SharePoint 2010


Account name


Domain rights

Local SharePoint Server rights needed

SQL rights needed

sp_install Used to install SharePoint binaries. Domain User Local administrator on all SharePoint boxes dbcreator and securityadmin SQL roles
sp_farm Farm account. Used for Windows Timer Service, Central Admin and User Profile service Domain User Local Admin during UPS provisioning, log on locally right None
sp_webapp App pool id for content web apps Domain User None None
sp_serviceapps Service app pool id Domain User None None, unless using Office Web Apps. Them must give access to content databases manually
sp_search Search process id Domain User None None
sp_content  Account used to crawl content Domain User None None
sp_userprofile1 Account used by the User Profile services to access Active Directory Must have Replicating Change permissions to AD. Must be given in BOTH ADUC and ADSIEDIT. If domain is Windows 2003 or early, must also be a member of the “Pre-Windows 2000” built-in group. None None
sp_superuser2 Cache account Domain User Web application Policy Full Control

Web application super account setting

sp_superreader2 Cache account Domain User Web application Policy Full read

Web application super reader account setting


 Please note these are just recommendations. You may be using more accounts if you multiple application pools. 


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s