How to fix an out of sync password issue in SharePoint 2010


SharePoint 2010 now stores service account passwords in the config database.  So if you attempt to change the password in the AD and on the services that use it this will break SharePoint.

To fix this issue do the following

  1. Logon to the SharePoint 2010 server as an admin, preferably as the account used to install SharePoint
  2. Open up the SharePoint PowerShell command prompt
  3. Set-SPManagedAccount -UseExistingPassword -Identity DOMAINA\SPSAdmin
    • Where DOMAINA\SPSAdmin is service account that had it’s password changed in the AD
  4. You will then be prompted for the existing\new password for “DOMAINA\SPSAdmin
  5. Run “Repair-SPManagedAccountDeployment” to verify the passwords are now in sync
  6. Next do an IISRESET command
  7. Run Repair-SPManagedAccountDeployment to verify that you do not get this message:
    Repair-SPManagedAccountDeployment : The password for the account DOMAINA\spsadmin, as currently stored in SharePoint, is not the same as the current password for the account within Active Directory. To fix this with PowerShell, run Set-SPManagedAccount -UseExistingPassword.

The Set-SPManagedAccount -UseExistingPassword command will update the config database and service using by this account.

SharePoint 2010 also support automatic password management for service accounts.  See Configure automatic password change for details on this feature.

This entry was posted in Microsoft, SharePoint and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s