Monday, October 05, 2009

The minimum accounts you need to install MOSS using MS recommended best practices

Ok - I have been asked this question several times and have also noticed that the right accounts are not used during MOSS installations. Here is a quick summary of all the accounts you need pre-configured in your AD prior to installing MOSS:

  • mosssetupUSER – Pass@word1 – Moss Setup user – Member of: Administrator – SQL: dbcreator and security-admin
  • sqlserversrvc – Pass@word1 – User to create db’s and sql configs – Member of: Administrator – SQL: dbcreator and security-admin
  • caapooldbaccessUSER – Pass@word1 – caa app pool USER acct and to access db – Member of: Administrator – SQL: dbcreator and security-admin
  • sspappool@AIFSMOSS.local Pass@word1 = SSP App Pool Identity – User rights and entitlements assigned automatically
  • sspserviceUSER – Pass@word1 – SSP Timer/Web Services – User rights and entitlements assigned automatically
  • WssSearchSrvcUSER – Pass@word1 – used for wss search – User rights and entitlements assigned automatically
  • searchcontentaccessUSER – Pass@word1 – default user for search content access – User rights assigned automatically
  • searchspccontentaccessUSER – Pass@word1 – user for search specific content access – read access to external content source
  • userprofilesaccessUSER – Pass@word1 – USER who access the AD and user properties – read rights to AD
  • excelservicesUSER – Pass@word1 – USER to access excel content soruces – read rights to excel content sources