Skip Ribbon Commands
Skip to main content

Anders Rask on SharePoint


Anders Rask on SharePoint > Posts > Getting an overview over used accounts on a SharePoint 2010 farm
June 05
Getting an overview over used accounts on a SharePoint 2010 farm

​In SharePoint 2010 accounts comes in two flavours: Managed accounts and Service accounts. This means we have to dig a bit around to get an overview over what accounts are actually used. Since some are managed account and some are not, the PowerShell commands below in some cases return the same accounts. Think of the commands as a quick shortcut to get an overview of where certain accounts are used in your farm:

First off, you can get an overview of the existing managed accounts simply by typing


This however does not tell you where an account is used, so lets dig a bit deeper.

First lets see where we should expect accounts to surface. The below list is probably not complete but drop me a comment and I will add any accounts I have missed out:

  • Service Application Pools (managed accounts)
  • Service Applications  (mostly managed accounts)
  • Web Application Pools (managed accounts)
  • Service instances - (mostly managed accounts)
  • Services (like SPTimerV4)
  • Object cache accounts (reader and user)
  • Search crawler account (managed account)


Get Farm administrators

Find the farm administrators using the following cmdlets

Get-SPWebApplication -IncludeCentralAdministration | ? IsAdministrationWebApplication | Select -Expand Sites | ? ServerRelativeUrl -eq "/" | Get-SPWeb | Select -Expand SiteGroups | ? Name -eq "Farm Administrators" | Select -expand Users


Service Application Pool accounts

Using the cmdlet


gives you both service application pool name and process account name.

Service Application accounts

To find out what service application pools are used for a given service application use this command:

Get-SPServiceApplication | select -expand applicationpool -EA 0

Note that the -EA = 0 (-ErrorAction SilentlyContinue) will swallow any exceptions due to the fact that not all service applications are web based (inherits from SPIisWebServiceApplication).

A special case  to be aware of, is the User Profile Synchronization Service Connection. This account is not managed, and can be a bit tricky to find using PowerShell.

First get a hold of the UserProfileConfigManager, then select the connection manager and get the account name:

$configManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileConfigManager( $(Get-SPServiceContext http://yourSite))
$configManager | select -expand connectionmanager | select AccountUserName

Web Application Pool accounts

Getting to the web application pools are not straight forward, as they do not have cmdlets defined like Service Application Pools. To access existing web application pools we use the Content Service:

[Microsoft.SharePoint.Administration.SPWebService]::ContentService.ApplicationPools | Select Name, Username

 If you want to find out what application pools, and hence accounts, are used by existing web applications this is pretty straight forward:

Get-SPWebApplication | select -expand applicationpool | Select name , username


Service Instance accounts

The command to get these gets a bit longwinded to account for that some are managed and some not:

Get-SPServiceInstance | select -expand service | % { if ( $_.ProcessIdentity -and $_.ProcessIdentity.GetType() -eq "String") { $_.ProcessIdentity } elseif ( $_.ProcessIdentity ) { $_.ProcessIdentity.UserName }}



Using Get-Process does not contain information about what accounts the services are running under. Getting this information would require us to dig a bit deeper.

Fire up PowerShell and type in the following:

Get-WmiObject -Query "select * from win32_service where name LIKE 'SP%v4'" | select name, startname

This should give you output like this:

name               startname
----               ---------
SPAdminV4          LocalSystem
SPTimerV4          CONTOSO\svcSPFarm
SPTraceV4          NT AUTHORITY\LocalService
SPUserCodeV4       CONTOSO\svcSPUserCode
SPWriterV4         CONTOSO\svcSPFarm

Other processes ends with "14":

Get-WmiObject -Query "select * from win32_service where name LIKE '%14'" | select name, startname 

Object cache accounts

These accounts are used for accessing cached data. Not setting them causes a performance overhead as explained here.

The values are stored in the Web Application properties and can be fetched like this:

Get-SPWebApplication| % {$_.Properties["portalsuperuseraccount"]} 

Get-SPWebApplication| % {$_.Properties["portalsuperreaderaccount"]}


Search crawler account 

Setting this account can be done using Set-SPEnterpriseSearchServiceApplication -DefaultContentAccessAccountName, but querying it is a bit tricky:

New-Object Microsoft.Office.Server.Search.Administration.content $(Get-SPEnterpriseSearchServiceApplication) | Select DefaultGatheringAccount



The above commands should give you an overview of where your accounts are used. There are more accounts not listed above, for example all accounts used for Secure Store, unattended service accounts for services like Visio, but most are covered above.

If I have forgotten some important accounts or if you see something blatently wrong in the above, feel free to comment :-)


Super! This covers what I need

I have 19(!) farms to document, so these scripts are really helpful.

I had trouble finding what URL to use in the SP_ProfileSync account using the UserProfileConfigManager and what to replace http://yourSite with. As it turned out, it's the Central Admin URL which lead me to improving the script so it can be used regardless of farm.

$caWebApp = [Microsoft.SharePoint.Administration.SPAdministrationWebApplication]::Local
$configManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileConfigManager( $(Get-SPServiceContext $caWebApp.Sites[0].Url))

Thanks for the post, Anders
 on 5/27/2015 7:05 AM

Re: Getting an overview over used accounts on a SharePoint 2010 farm

 on 1/24/2017 4:09 PM

Re: Getting an overview over used accounts on a SharePoint 2010 farm

 on 1/24/2017 4:09 PM


The above charges should give you an outline of where your records are utilized. There are more records not recorded above, for instance all records utilized for Secure Store, unattended administration represents administrations like Vision, yet most are secured previously.
 on 8/1/2018 6:06 AM

Re: Getting an overview over used accounts on a SharePoint 2010 farm

This post is quite old and it's because of this post that I can't do anything about  I think that I need to know what is going on there and then work on it.
 on 8/10/2018 10:36 AM

Re: Getting an overview over used accounts on a SharePoint 2010 farm

There is much to know from writing and you can learn everything from It's great website to enjoy something good for us.
 on 10/7/2018 3:51 PM

Finance Essay Help UK

A debt of gratitude is in order for sharing this incredible information! You should post more perspectives with respect to various subjects moreover. I'm getting amped up for this sort of gainful data about your stuff.
 on 12/14/2018 5:13 PM


Great info. I love all the posts, I really enjoyed, I would like more information about this, because it is very nice., Thanks for sharing.
 on 12/19/2018 7:59 PM

Re: Getting an overview over used accounts on a SharePoint 2010 farm

Amazing posting this is from you. I am actually and truly thrilled to read this fantastic post. You've really affected me today. I hope you'll carry on to do so!
 on 1/15/2019 11:46 PM


It's as yet a great plan to back everything up before closing it down for good. You'll require either a hard drive or a system area to back everything up. You'll play out the reinforcement within Central Administration in your SharePoint Farm.
 on 3/29/2019 9:35 AM
1 - 10Next

Add Comment


Body *

Migrated Source URL

Commentator Name

Commentator Email

BotCheck *

Are you human? What is the sum of fifty-two minus ten?