I’ve been working on a client site for a few weeks and coming into the project they knew absolutely nothing about their current environment asides from the server name. This meant we didn’t have the Farm admin password, and didn’t have any current employees as farm or collection admins. To regain control of the environment I went through the following steps:
- Reset the service account passwords by following the Microsoft KB article here
Once we re-gained farm login after resetting credentials, we had another interesting caveat. BUILTIN\Administrators and the farm admin account had been removed from the Farm Admins group so we still couldn’t access content on any site collections.
They had also changed their theme, so in central admin the menus to add users were not working. Our only option from this point was to add our accounts using stsadm.
For both steps below also pay attention to if the site is using SSL or not (you’ll need to change http:// or https:// depending on the site collection)
- Add users to the Farm Administrators group using STSADM:
stsadm -o adduser -url http://centraladminservername:port -userlogin DOMAIN\user -useremail email@example.com -group "Farm Administrators" -username "DOMAIN\user"
- Set site collection ownership using STSADM: You’ll need to do this for each site collection you would like access to (My sites, Web Applications, etc)
stsadm -o siteowner -url http://site:port -ownerlogin DOMAIN\user -secondarylogin DOMAIN\user
Keep in mind that site collections can only have 2 owners, and resetting ownership may have adverse affects if the account you remove was being used as something other than an individual user.
2012-12-27 18:30 -0500