Configure Object Cache Accounts

If you are using SharePoint Publishing you will want to configure object cache accounts

So, what is the object cache?

The object cache stores properties about items in SharePoint Server 2013. Items in this cache are used by the publishing feature when it renders web pages. The goals of the object cache are to reduce the load on the computer on which SQL Server is running, and to improve request latency and throughput. The object cache makes its queries as one of two out-of-box user accounts: the Portal Super User and the Portal Super Reader. These user accounts must be properly configured to ensure that the object cache works correctly. The Portal Super User account must be an account that has Full Control access to the web application. The Portal Super Reader account must be an account that has Full Read access to the web application.

From http://technet.microsoft.com/en-us/library/ff758656(v=office.15).aspx

I recommend reading the technet article for more details

Note: these need to be two domain accounts that are never used to log into the site EVER…

To set these accounts up you first need to log into Central admin as a farm admin…

Click Manage Web Applications from the CA home screen

Select any web application that uses publishing features and click user policy

From the screen that pops up select add users, make sure all zones is selected under zones and click next

From here add your Super User account and select full control. Then follow the steps again, add your super reader account and select full read.

Repeat these steps for each web app that uses the publishing features…

Note under the user name column are the account names we will use in the next steps will be listed, so copy them to a notepad. If you are using claims, which you should be… seriously this should appear in front of the domain name i:0#.w|

Paste the following into notepad or PowerGUI and change the “” and “” bits to your account names. Save the file as setUsers.ps1. Also, make sure your account has rights to run powershell . This permission will be shelladmin in SQL server on the Config database, sometimes it is set automatically when you are added to the farm admin group, but then sometimes it doesn’t.

$wa_url = Read-Host “enter web app url: “

$wa = Get-SPWebApplication -Identity $wa_url
$wa.Properties[“portalsuperuseraccount”] = “”
$wa.Properties[“portalsuperreaderaccount”] = “”
$wa.Update()

Run the SharePoint management shell as an administrator by right clicking and selecting run as administrator…

Run the script by typing cd\ then .\scripts\setusers

Note: this assumes that you are on the server and you have put your script in a folder called scripts on the C drive.

You will be prompted for the web app url, type it in and hit enter….

After hitting enter it’ll take a few seconds and then the c:\ prompt will reappear. Repeat this step for each web app you added the accounts too.

Reset iis and you are all set.

I found this handy article on how to check to make sure everything is set up correctly.

Following the steps above for creating a ps1 doc and paste this in it…

$WebApplications = Get-SPWebApplication
foreach ($WebApplication in $WebApplications)
{
    $WebApplication.DisplayName
    $WebApplication.url
    $WebApplication.Properties[“PortalSuperReaderAccount”]
    $WebApplication.Properties[“PortalSuperUserAccount”]
}

From http://blogs.msdn.com/b/rcormier/archive/2012/04/26/how-to-generate-an-object-cache-user-account-report-using-powershell.aspx

Run this the same way you ran the other script and you can verify that everything is set up correctly.

 

Make sure to reset IIS when you are finished.