So , one of the developers called me up and told me that he could not get into his single server development SharePoint farm, he could deploy his solution however. So I rolled my eyes and said what did you do.. Nothing was the reply! (are you surprised) . Well it turned out that he had been forced to change his password. And you guessed it, he used that account to setup his SharePoint installation. So much for the principle of least privilege concept! He then went in and started changing the passwords in the SharePoint Service in the windows Service.msc interface. Once the server was restarted we got the famous “Service Unavailable” error. The application pools just would just not stay up ! Even Pfizer could not help!
So I dug up some powershell TADA and I could not find a reference to it on this site so I though it would be a useful tit bit.
Changing the password on a SharePoint managed Account after it has already been changed in AD
### Start Script ###
# Loading Microsoft.SharePoint.PowerShell
$snapin = Get-PSSnapin | Where-Object {$_.Name -eq 'Microsoft.
SharePoint.Powershell'}
if ($snapin -eq $null) {
Write-Host "Loading SharePoint Powershell Snapin"
Add-PSSnapin "Microsoft.SharePoint.Powershell"
}
#Prompt for Managed Account you want to change
$ManagedAccount = Read-Host "Enter managed account as Domain\User:"
#For my developer buddies if you are only using one managed account (BOO), this will work
#$ManagedAccount = Get-SPManagedAccount
#Get the password that has already been changed in AD, make sure you login with it to make sure
$NewPassword = Read-Host "Enter password from Managed account:" –AsSecureString
#Change the password
Set-SPManagedAccount -Identity $ManagedAccount -ExistingPassword $NewPassword –UseExistingPassword $true
### End Script ###
/Colin