When removing SharePoint managed accounts, there is a right way and a wrong way ...

The Right Way

The Wrong Way

If the account is removed from Active Directory before being removed from SharePoint, administrative functions that rely on enumerating/manipulating the managed accounts will fail.  For example, when clicking on "Configure service accounts" the following error would be displayed: Some or all identity references could not be translated.

To resolve the issue, the deleted Active Directory account must first be recovered using the LDP tool.  Creating a new account with the same name will not work as the SharePoint managed account is tied to the unique security ID of the deleted Active Directory account.  The following article explains manually recovering items in Active Directory using LDP: http://www.petri.co.il/manually-undeleting-objects-windows-active-directory-ad.htm.  Once the account has been restored, it can then be removed from SharePoint, and then removed from Active Directory.

When creating search scopes, consider the following:

If a search scope is created for a site collection, the scope will ONLY be available for the site collection where it was created.  To create a shared search scope that will be available across all site collections, use Central Administration to create a shared search scope.

Site Collection Search Scope Settings

Site Actions -> Site Settings -> Site Collection Administration -> Search scopes

Central Administration Search Scope Settings

Application Management -> Manage service applications -> "Your Search Service Application" -> Queries and Results -> Scopes

Activating Scopes

After the scope is created, don't forget to display it.  Modify "Display Groups" under site collection search scope settings.

Copyright 2011 - 2021 The Lazy SharePoint Admin | All Rights Reserved
menu-circlecross-circle linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram