Easy PowerShell script to list which account is used as System Account

3 Jul

For each webapplication in a farm the account used as System Account can be set . When a user is logged in with this account ‘System Account’ is shown in the welcome menu:

And when the user adds or modifies an item the same display name is shown at the item:

To know which user account or accounts are used as System Account the user policies of each web application in Central Administration can be checked if the checkbox ‘Account operates as System’ has been checked for one or more of the users specified. If no users are marked here as System Account the application pool account of the webapplication is used as System Account.

Unfortunately there is no view somewhere to quickly determine the account(s) set as System Account.

Therfor I created a small PowerShell script to check the user policies of each web application. If there is a tick in the checkbox for one or more users these are displayed as System Account, otherwise the application pool account is listed as System Account.

$farmWebAppService = (Get-SPFarm).Services | ? { $_.typename -eq "Microsoft SharePoint Foundation Web Application" }

foreach($webApp in $farmWebAppService.WebApplications)
{
  Write-Host "Web application: " $webApp.Name
  $collection = @()
  foreach ($zonepol in $webApp.Policies)
  {
    if($zonepol.IsSystemUser -eq $true)
    {
      $collection += $zonepol;
    }
  }

  if($collection.Count -eq 0)
  {
    Write-Host "Account which operates as System (application pool account): " $webApp.ApplicationPool.DisplayName " - " $webApp.ApplicationPool.Username
  }
  else
  {
    foreach($item in $collection)
    {
      Write-Host "Account which operates as System (policy setting): " $item.DisplayName " - " $item.UserName
    }
  }
}

Output:

Web application: SP2010 – 80

Account which operates as System (policy setting): test user – spdev\testuser

Account which operates as System (policy setting): SharePoint Install Account – spdev\spinstaller

Web application: TeamSites

Account which operates as System (application pool account): AppPool_TeamSites – spdev\spintranet

One Reply to “Easy PowerShell script to list which account is used as System Account”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.