This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 56.00000000000001%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM9%3C/text%3E%3C/svg%3E)
I'm running Edge as a Administrator (right click, run as admin). No change.
My account is a local/domain admin. My account is also a full Farm Admin.
My goal is to setup the automatic password changing feature for Managed Accounts in Sharepoint.
Error: Access denied. Only machine administrators are allowed to create administration service job definitions of type: Microsoft.SharePoint.Administration.SPGeneratePasswordJobDefinition, Microsoft.SharePoint, Version=16.0
Running the site in IE-Mode for Edge doesn't change anything. Same error.
Running Edge in IE-Mode for the Admin site didn't change anything either.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 17%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYJ%3C/text%3E%3C/svg%3E)
Hi, we are currently doing some research on this issue, will let you know as soon as possible.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 71%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERB%3C/text%3E%3C/svg%3E)
If this occurs with the management console.... Try running the Management Console with Administrative Privilege's.
Hi @MReyes-9795 ,
The error message indicates that the user does not have the necessary permissions to create administration service job definitions for automatic password change in SharePoint.
To resolve this issue, the user needs to ensure that their account has the following memberships:
In addition, the user can use the Add-SPShellAdmin cmdlet to grant permissions to use SharePoint Server cmdlets. If the user does not have permissions, they should contact their Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see Add-SPShellAdmin.
Once the necessary permissions have been granted, the user can use PowerShell to repair the managed account on each server in the farm that has experienced a provisioning failure. For more information, see Configure automatic password change in SharePoint Server.
Hope this is helpful.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
The service account already has the SQL Server roles you mentioned. It's the DBO on the Sharepoint_Config and Sharepoint_AdminContent databases. Is there a specific database where DBO is needed?
Hi @MReyes-9795 ,
Please check whether this account is in the AD Admin group.
Please check whether this account is the administrator of this machine.
It is already.
I ran the SPAdmin PS command anyway:
Add-SPShellAdmin :
"Cannot add domain\username to the SharePoint_Shell_Access role of the database SharePoint_Config. A possible cause of this error is that the account name was already added to the database as a login using a different user name than the account name."
Try operating directly in IE browser to see if the problem still exists.
The IE browser hasn't been supported nor available in patched Windows OS for some time now. Nearly two years. https://learn.microsoft.com/en-us/lifecycle/faq/internet-explorer-microsoft-edge
I did try Edge in IE-Mode, but got the same results.
That's weird, have you installed any updates recently?
We installed the patches from September in September. There were no updates released on October.
This issue is relatively complicated and I could not reproduce it, I also could not get some inspiration according to the error.
So I would suggest you open a ticket to contact Microsoft for more direct help, thanks for your understanding.
I did on Monday. As per normal, no progress. Bad comms. I can't fathom how MS has the gall charges for that service.