Sharepoint 2010 password changes with Powershell. Relief from stsadm.

  • Article

For operation engineers who are experienced with Sharepoint 2007 know  the old stsadm process to change passwords  https://support.microsoft.com/kb/934838  is cumbersome . Sharepoint 2010 is here with powershell integration making it easy to change the passwords for sharepoint managed accounts whose passwords are not set to change automatically when nearing expiration.  I  use powershell end to end to

1) Change the password in AD for service account.

2) Update the password for the service accounts in the sharepoint 2010 farm .

Here is a quick run through

Change the password in AD for service account.

I assume  you can log on to a windows 2008 r2 server in domain where service account exists , you have rights to change the password for the service account. I am using a fictitious account  by the name _svc_acct for this scenario

a) After logging into a server in account domain  launch powershell

b ) Load the AD module

import-module activedirectory

c) Assign the account name to a variable

     $account="_svc_acct"

d) set the password ( please note this as we will be using this in the next section)

     Set-ADAccountPassword -Identity $account -OldPassword (ConvertTo-SecureString -AsPlainText  "xxxx" -Force) -NewPassword (ConvertTo-SecureString -AsPlainText "xxxxx" -Force)

e) Check for successful update of the password updation  ( out put should show recent tiem stamp)

Get-ADUser $account -properties * | select PasswordLastSet

For engineers who do not have windows 2008 r2 machines , you can always change password through your normal process.

Update the password for the service accounts in the sharepoint 2010 farm .

 a) Log on to the CA in the Farm, launch powershell.  Assign the new password from step d in the above section to a variable also store the account to a variable

$account="_svc_acct"

$securepassword=convertto-securestring "xxxxx" -asplaintext -force

b) Retrieve the Sp managed account   and pipeline it to the set-spmangedaccount cmdlet

Get-SPManagedAccount Domain\$account | Set-SPManagedAccount -ExistingPassword $securepassword -UseExistingPassword -confirm:$false

Guys tell me this is easy !!