Important The problematic conditions are checked only on the server on which this manifest is executed. To make sure that you have maximum coverage, we recommend that you run SETH on every computer in the Microsoft SharePoint farm.
This article explains the operation of this manifest file.
Required permissionsThe rules in the diagnostic package leverage the SharePoint Windows PowerShell snap-in to get information about your farm. Therefore, the account that is used to run the diagnostic package must either be the farm account or have been given the required permissions through the Add-SPShellAdmin command.
Note The farm account is the account in which the timer service and central administration site's application pool are running.
Some rules in this diagnostic package also must have local server administrative privileges to use remote and local administrative tools and to access secure system locations such as the registry. The following table can be used to reference the permissions that are required for each rule.
|Permission code||Description||Required permission|
|1||Use SharePoint Windows PowerShell cmdlets to interact with the SharePoint farm.||Farm administration|
|2||Run queries against SharePoint databases.||Farm administration|
|3||Access server administrative tools.||Server administrative|
|4||Access files and other resources on the server.||Server administrative|
Information that is collected
Password sync reportThe Password Synchronization Report is a new file that is generated starting with the 126.96.36.199 release of SETH. Here is a sample output of this file that shows:
Password Synchronization Report Generated from SERVER1: 04/08/2011 10:51:13This information is sorted by UserName and Name (application pool). As shown in the sample output, the password hash for the 0cbce7b825854b9d93b2610c3627533a application pool has a different value on SERVER1 than it does on SERVER2. This indicates that the passwords do not match. This could occur because the password has been changed on one server but not on the other. As shown in the sample output for the SharePoint – 80 application pool, the password hash is identical on both servers in the farm. This indicates that the passwords are in sync.
Machine Name UserName Password Hash
======== ==================================== =================== ========================
SERVER1 0cbce7b825854b9d93b2610c3627533a contoso\user1 taggcB3Cg9kkSVLVZlCTyg==
SERVER2 0cbce7b825854b9d93b2610c3627533a contoso\user1 KU91YgOOM8CYdezeuhn96w==
SERVER1 SecurityTokenServiceApplicationPool contoso\user1 taggcB3Cg9kkSVLVZlCTyg==
SERVER2 SecurityTokenServiceApplicationPool contoso\user1 KU91YgOOM8CYdezeuhn96w==
SERVER1 SharePoint - 30699 contoso\user1 taggcB3Cg9kkSVLVZlCTyg==
SERVER2 SharePoint - 30699 contoso\user1 KU91YgOOM8CYdezeuhn96w==
SERVER1 SharePoint Central Administration v4 contoso\user1 taggcB3Cg9kkSVLVZlCTyg==
SERVER1 c408cf58b72d493da1925746dd8a0012 contoso\user2 LmbbRTCUtCxxfGHdq3l/nA==
SERVER2 c408cf58b72d493da1925746dd8a0012 contoso\user2 LmbbRTCUtCxxfGHdq3l/nA==
SERVER2 SharePoint - 80 contoso\user2 LmbbRTCUtCxxfGHdq3l/nA==
SERVER1 SharePoint - 80 contoso\user2 LmbbRTCUtCxxfGHdq3l/nA==
Article ID: 2827335 - Last Review: Dec 1, 2015 - Revision: 1