How to reset the Farm Passphrase in Sharepoint 2010

You might find yourself in the same situation like me, you try to add a new server to your farm but after trying all the passphrases in your mind it seems like none of them work. Hope this happens on your test farm and not on the production one and not because you cannot fix it but this might signal other problems with the way you manage your farm, with your configuration management.

In order to change the Farm PassPhrase you need to log in to one of your farm  servers and open SharePoint 2010 Management Shell in admin mode(right click Powershell and select Run as administrator).

The two cmdlets you will use are:

ConvertTo-SecureString  Link to TechNet site

Set-SPPassPhrase Link to TechNet site

The Set-SPPassPhrase cmdlet is used to change the PassPhrase but it takes a secure string as parameter. In order to do that you will first have to define a secure string using:

$NewPassPhrase = ConvertTo-SecureString -asPlainText -Force -string YOUR_OWN_STRING

The string needs to be(if the default settings are used):

 “at least 8 characters; contains at least three of the following
four character groups: English uppercase characters (A through Z); English lowe
rcase characters (a through z); Numerals (0 through 9); Non-alphabetic characte
rs (such as !, $, #, %). Type a passphrase which meets these requirements. “

Please replace YOUR_OWN_STRING with…you guessed it your own string which will become the new PassPhrase. This cmdlet converts your string from plain text to a secure string. $NewPassPhrase will take the value  of this secure string during your powershell session.

In order to change the PassPhrase to your new secure string defined before you will use:

Set-SPPassPhrase -PassPhrase $NewPassPhrase

It will automatically prompt you to insert the string configured before even if you do not use the -confirm switch.

It will ask you to confirm your action by selecting Y and hitting enter.

This cmdlet will change the PassPhrase on all of your farm servers. If for whatever reason you want or you have to do it on each server use the -LocalServerOnly when you run the  Set-SPPassPhrase cmdlet(ex: Set-SPPassPhrase -PassPhrase $NewPassPhrase -LocalServerOnly).

Now keep track of this new Farm PassPhrase in a secure place.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s