I've SBS2011 Standard installed. It's installed not virtualized. The server therefore is the domain controller. I run a simple, single server configuration.
I'm running Sharepoint (companyweb, remote access, remote web) and Exchange 2011 on it. Everything, including Exchange is fully patched and and the recent rollup package (was installed automatically thru Winduws Update) is is on it. Everything is standard installation, nothing special.
Since I installed the Exchange 2011 rollup package a few days ago thru windows update I have a problem with the spwebapp account.
First of all: This server is domain controller. I don't understand why I have local accounts at all because a domain controller must never have local accounts. But these are here since installation.
Now with the rollup package it seems that the spwebapp account (used for SharePoint Web Applications) tries to log on to the system. It should be a system account without a profile, but since it tries to logon it results in an errror in the application event log.
I then tries to check the account itself opening it thru the Controlpanel - Users and groups. When I wanted to close it again it just hang and didn't go further. After a while (several hours) I kill the hanging process. Resulting in spwebapp local user account was removed.
When I then tried to open the company web it showed me only the message "configuration database can't be accessed".
I did a restore of the system drive (fortunatly I did a backup just before). This restored also the local account spwebapp.
Question:
What can I do to get rid of this error in the Application event log?
What is configured wrong on my side?
Is it possible to migrate the local accounts (there are 2 more: spfarm and spsearch) to the Active Directory? If yes how has this to be done?
BTW: I already went thru the recommendations to check the permissions of the profile folder. I also tried to give this account a profile. Doesn't work for this account either. It has full permission on this folder. And a logon to create a profile will not be possible with it as it's a local account and I don't have it's password. I also don't want to reset its password because it seems some system components are using this account that would fail then.
What can I do?
Henry