SharePoint installed without Active Directory

When installing SharePoint 2007 (MOSS 2007) or WSS 3.0  from the SharePoint Products and Technologies Configuration Wizard, you may ask, ‘what do I do if I want to connect SharePoint using SQL authentication, rather than Microsoft’s Active Directory?’
You may want to connect SharePoint to its configuration database using a locked down SQL user account to isolate your front end website from Active Directory.

Using the SharePoint Products and Technologies Configuration Wizard, it may appear to be impossible to get past the DOMAIN\User_Name as required in the wizard.

If you havent installed SharePoint yet, then you should not select to open the configuration wizard.
You need to just click ‘close’.

If you have installed SharePoint and not yet run the configuration Wizard, then you will see this message when you click on Central Administration.
See example:

sharepoint_html_m699766201

Now to connect specify an SQL account instead of a DOMAIN\User_Name account, you would have to close the Wizard and perform the following steps:

sharepoint_html_m26b15113

Manually create four databases in your SQL server with the following settings:
Database Name: (see examples below)
Collation: Latin1_General_CI_AS_KS_WS

Database Name examples:
SharePoint_Config (SharePoint Configuration)
SharePoint_AdminContent (SharePoint Admin Contents)
SharePoint_SSP_DB (Shared Services)
SharePoint_SSP_Search_DB (Shared Services Search)

(Note: SSP – Shared Services Provider)

Create your SQL user account and assign permissions as dbo on the above databases

Now search for a file called PSConfig.exe
It should be found in:
C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN

Open a command prompt and go to the directory where the PSConfig.exe file resides.

sharepoint_html_m40c8f28f

Ready for the fun stuff?
Run this command to create your new SharePoint farm and connect it via a SQL account.

PSConfig -cmd configdb -create -server (Database server name) -database (Database name) -user (Farm Administrators domain account) –password (Farm Administrators password) -dbuser (Newly created SQL username) –dbpassword (SQL password) –admincontentdatabase (Admin Content Database name)

You should see a success message. If not, then I would suggest you to recheck your SQL permissions and Farm Administrators permissions. PSConfig will spit out other errors if its anything else.

sharepoint_html_78e67f8e

PSConfig arguments explained:

create: Creates a new configuration database and thus establishes a new server farm. If this server is already connected to a configuration database, the server will be disconnected first, then the new configuration database will be created.

server: The SQL server where the configuration database is located.
database: The configuration database name.
dbuser: The SQL server user name used for SQL authentication.
dbpassword: The SQL server password used for SQL authentication.
user: Server farm administrator user account.
password: Server farm administrator user account password.
admincontentdatabase: The Central Administration Web Application content database name.

You would have to resume the Configuration Wizard.
Go to Start > All Programs > Microsoft Office Server > SharePoint configuration Wizard. The wizard should have detected that the configuration database has already been created.

Don’t disconnect from the server farm, unless you want to recreate the database again.

You should now use your SQL Authentication to any other databases you want to configure such as the SSP and the Search Database.

To add more servers such as Web Front End servers to the SharePoint farm, then you have to go through all the above steps, except run this PSConfig command from the command prompt:

PSConfig -cmd configdb -connect -server (Database server name) -database (Database name) -user (Farm Administrators domain account) –password (Farm Administrators password) -dbuser (Newly created SQL username) –dbpassword (SQL password) –admincontentdatabase (Admin Content Database name)

Argument explained:
connect: Connects to an existing configuration database and thus joins this server to an existing server farm. If this server is already connected to a configuration database, the server will be disconnected first, then connected to the existing configuration database.

And youre done! You now have a SharePoint farm running off SQL logins.

*Please note: Some visitors were confused as they thought it worked for SharePoint 2010. This post is not for SharePoint 2010. You can tell by the 12 hive path. This post dates back way before SharePoint 2010 beta was out.

9 thoughts on “SharePoint installed without Active Directory

  1. hi Jeremy good article and perfect timing as I need this. One correction, the “configdb” parameter should not have a dash before it.

    Thanks

  2. Unfortunately, multiple WFE is not supported without AD. So when trying to add more WFE, an error will be displayed explaining that the user account specified is unknown (as is it as local user account of the first server configured).

    So basically, without AD, only 1 MOSS Server and 1 SQL.

    +

    PS: unless someone has found a way to bypass this checking.

  3. Hello JAD,
    I have had no problems in adding multiple WFEs without AD. What error message are you getting? Are you sure you have the right patch level of SharePoint installed on the WFE?

  4. Doesn’t work with 2010. You are assuming an existing server farm. I’m trying to install a stand-alone system with a real SQL Server installed.

    Additionally, don’t you think it’s kinda weird to provide screenshots for stuff you’re *not* supposed to do?

  5. slogmeister,
    You need to be careful when differentiating between SharePoint 2010 and 2007.

    1. This post is not for SharePoint 2010. I will revise this post to explicitly state that.
    2. Nope, this is for a new server farm.
    3. ‘Real’ SQL server – can you ellaborate?
    4. This is a supported deployment from Microsoft, unless you can provide evidence stating otherwise.

Leave a Reply

Your email address will not be published. Required fields are marked *