Lost SharePoint Admin Password?

Today, I faced a situation where I was given a SharePoint 2013 Environment to which none of my colleague seemed to have access. Well, the situation wasn’t too bad as it was just a development environment and not a real test/production SharePoint environment.

And it’s one of the common scenario’s which we see that even though you are a Local Administrator on the server, there is not direct way to add yourself as SharePoint Farm Administrator. I wrote another post sometime back on the same theme where I described how to add local administrator as SQL Server Administrator using a script.

Ivan Josipovic has written a PowerShell script which displays the SharePoint Managed Accounts password including the Farm Account, without requiring the current user to be a part of the SharePoint Farm Admin Group.

This script will retrieve the Farm Account credentials and show the passwords for all of the SharePoint Managed Accounts

Download Recover-SPManagedAccounts Script

Get SharePoint Managed Account Password

As you see in the screenshot above, the script would return all the managed accounts and their corresponding passwords from the Secure Service Store.

One of the managed account returned would be Farm Administrator account which is kind of ‘super user’ in SharePoint and you can use this account to log in to Central Administrator and grant yourself Farm Administrator Privileges.

As an alternate, you can run PowerShell with the above account and execute the following script which would serve the same purpose and grant a user Farm Administrator rights on your SharePoint Environment.


Add-PSSnapin Microsoft.SharePoint.PowerShell -erroraction SilentlyContinue

# Creates a new Farm Administrator

$newFarmAdministrator = Read-Host -Prompt 'Please provide the name of the new Farm Administrator in the form of DOMAIN\Username'

$caWebApp = Get-SPWebApplication -IncludeCentralAdministration | where-object {$_.DisplayName -eq "SharePoint Central Administration v4"} 
$caSite = $caWebApp.Sites[0] 
$caWeb = $caSite.RootWeb

$farmAdministrators = $caWeb.SiteGroups["Farm Administrators"] 
$farmAdministrators.AddUser($newFarmAdministrator, "", $newFarmAdministrator, "Configured via PowerShell")

$caWeb.Dispose() 
$caSite.Dispose()

$caDB = Get-SPContentDatabase -WebApplication $caWebApp 
Add-SPShellAdmin -Database $caDB -Username $newFarmAdministrator

And the result is as follows. Even without having any access to the SharePoint environment, I could add myself as the SharePoint Farm Administrator.

SharePoint Farm Admins