How to create a Managed Service Account

New since Win2k8 R2

Instead of using User Accounts for services you can create Managed Service Accounts now. The advantage is that it also changes the password every 30 days automatically like in the computer accounts. You can find the managed user accounts here:
Active Directory User and Computers\Managed Service Accounts

1. Run Active Directory Module for PowerShell
2. Add-KDSRootKey
    
     For LAB Environment to not wait the 10 hours to repliacte type instead:
     Add-KDSRootKey –EffectiveTime ((Get-Date).AddHours(-10))
2. New-ADServiceAccount –Name WebTest –DNSHostname servername –Passthru

    Without –Passtrhu you don’t have any feedback

3. Add-ComputerServiceAccount –identity web01 –ServiceAccount WebTest –Passthru

You can check the settings in more details if you run adsiedit.msc.

Now you can use this service for example for services.

1. Run services.msc

2. Right Click on a Service\Properties\Log On\
    This Account:

     domain\yourcreatedaccount$

3. You don’t need to put a password

admin on July 15th 2013 in Windows Server

No Comments »

Comments RSS

Leave a Reply

*




Check out new movies online website. Download and buy movies now.
1