The server farm account should not be used for other services.

Tevon2.0 1,101 Reputation points
2023-05-24T14:39:24.15+00:00

What problems does using an admin account cause and should I replace with a regular user account?

SPTimerService (SPTimerV4) failing service -

Severity 1 - Error

Category Security

Explanation LINGUALISTEK\spfarmadmin, the account used for the SharePoint timer service and the central administration site, is highly privileged and should not be used for any other services on any machines in the server farm.  The following services were found to use this account: lgemp80 (Application Pool).

SharePoint Server
SharePoint Server
A family of Microsoft on-premises document management and storage systems.
2,221 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,668 questions
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,573 questions
SharePoint Server Management
SharePoint Server Management
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Management: The act or process of organizing, handling, directing or controlling something.
2,799 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yanli Jiang - MSFT 21,446 Reputation points Microsoft Vendor
    2023-05-25T07:06:31.61+00:00

    Hi Tevon ,

    The reason for this problem is:

    The account that is used to run the SharePoint Server Timer service and other system services in the SharePoint farm should not be used for other services in the farm.

    Resolution: Change the account that is used for other services.

    Verify that the user account that is performing this procedure is a member of the Farm Administrators group.

    In Central Administration , in the Security section, click Configure service accounts.

    On the Service Accounts page, in the Credential Management section, in the drop-down list, click the service that you want to update credentials.

    In the Select an account for this component list, click the domain account that you want to associate with this service.

    If you want to register the account that you selected on the SharePoint Server farm, click Register new managed account.

    1. Click OK.

    For more information, please refer to:

    https://learn.microsoft.com/en-us/sharepoint/technical-reference/the-server-farm-account-should-not-be-used-for-other-services

    And Account permissions and security settings in SharePoint Servers, please refer to this article to get more details:

    https://learn.microsoft.com/en-us/sharepoint/install/account-permissions-and-security-settings-in-sharepoint-server-2016

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.