Thursday, February 24, 2011

Creating a Managed Service Account

Creating a Managed Service Account

This topic explains how to use the Active Directory module for Windows PowerShell to create a managed service account. Managed service accounts are used to run various services for applications that are operating in your domain environment.

Example 1

The following example demonstrates how to create a service account, SQL-SRV1, in the container Managed Service Accounts in the Fabrikam.com domain:
New-ADServiceAccount -Name SQL-SRV1 -Path "CN=Managed Service Accounts,DC=FABRIKAM,DC=COM"

Example 2

The following example demonstrates how to create a service account, SQL-SRV1, in the container Managed Service Accounts in the Fabrikam.com domain:
New-ADServiceAccount SQL-SRV1 -AccountPassword (ConvertTo-SecureString -AsPlainText "p@ssw0rd" -Force) -Enabled $true -Path "CN=Managed Service Accounts,DC=FABRIKAM,DC=COM" -ServicePrincipalNames "MSSQLSVC/FABRIKAM-SRV1.FABRIKAM.COM:1456"

Additional information

You can use the following parameters when you set many of the common values that are associated with creating a managed service account:
  • AccountNotDelegated
  • Enabled
  • HomePage
  • ServicePrincipalNames
  • TrustedForDelegation
For a full explanation of the parameters that you can pass to New-ADServiceAccount, at the Active Directory module command prompt, type Get-Help New-ADServiceAccount –detailed, and then press ENTER.

No comments:

Post a Comment