Create A MSA Group Using PowerShell - Server 2012

Technical Article
May 28, 20132 min read

Some guidence on how to create a MSA group using PowerShell

Categories
MicrosoftWindows Server 2012
Tags
Microsoft Service AccountMicrosoft Sql ServerMsaServer 2012
Create A MSA Group Using PowerShell - Server 2012

For those who are struggling to create service accounts:

Open PowerShell

Import-Module Activedirectory

Create the Service Account:

New-ADServiceAccount -name <Service Account Name> -Enabled $true -DNSHostName <Service Account Name>.domain.com -PrincipalsAllowedToRetrieveManagedPassword "<Group or Computer>"

Example:

New-ADServiceAccount -name MSA1 -Enabled $true -DNSHostName MSA1.domain.com -PrincipalsAllowedToRetrieveManagedPassword "Sql Server Group"

Add computer to service account:

Add-ADComputerServiceAccount -Identity <Servername> -ServiceAccount <Service Account Name>$

Example:

Add-ADComputerServiceAccount -Identity SQL1 -ServiceAccount MSA1$

Install Service Account:

Install-ADServiceAccount -Identity <Service Account Name>$

Example:

Install-ADServiceAccount -Identity MSA1$

To test to see if this has worked:

Test-ADServiceAccount -Identity <Service Account Name>$

Example:

Test-ADServiceAccount -Identity MSA1$
Related

Related articles

RDS 2012 Security Hardening Guide
June 17, 2014

RDS 2012 Security Hardening Guide

I recently came across the server 2012 Secuity guide apart of the "Secuirty Compliance Manager" which covers the Secuity Hardening of RDS 2012.