How to create a Service account in Active directory\AD

Procedure to Create a Service Account


Table of Contents

 

1.     Introduction. 4

2.     Objective of this document. 4

3.     Prerequisites. 4

4.     How to create a Service account. 4



1.   Introduction

A service account is an account that is used to configure and/or run a specific infrastructure system or component.  These accounts are not used directly by normal users and the passwords are known only by selected service Administrators.

2.   Objective of this document

This document details the step-by-step procedure to create a Service Account.

3.   Prerequisites

Ø  Application/Service name for which the service account is requested

Ø  Short description of the usage of the Service Account

4.   How to create a Service account

a.     Logon to the server “DC” where AD tools are installed.

b.     Open the tool “Active Directory Users and Computers” and navigate through the OU path “Domain. local/ServiceAccounts

c.     Follow the below rules to create a new Service account.

 

o   All lower-case letters for the sAMAccountName

o   Name should be in the format “svc_<application/service name>”

o   Account Password never expires

o   User cannot change the password

o   Set a minimum 20-character complex password 

 


 

d.     Add the service account to the security group "Deny-Interactive-Logon".

(This will deny the service account from logging into any Windows machines in the Domain. Local domain.

e.     Update Name, Display Name and Description for the Service Account.

f.       In the Organization tab, add the requestor as Manager.

 



 

Comments

Post a Comment

Popular posts from this blog

User Account not shwoing in Azure Metaverse - Azure Sync Issues

  Issue : One user was not syncing to Azure AD from AD.   Outcome : Found that the user had been joined in the MV to another user and had to have their immutableID corrected to get the AD user matched back to their AAD object.   Troubleshooting: User had previously been synced to AAD, so the matching AAD object still existed in AAD, but was no longer connected to the AD object for that user. The AAD object for this user had become orphaned. Sync Server Manager Metaverse search showed that users's account had become synced with another user's account and the affected user's immutableID (msDS-ConsinstencyGuid) had been changed in AD to match the wrong AAD user. In order to separate the user's AD object from the incorrect user in AAD, we first pulled the user out of their syncing OU, ran a sync, and then put them back into their original OU and ran another sync; this was to un-sync the user from the incorrect user ...
Read more

Could not communicate with the VM agent for snapshot status.

  A Backup failure alert has been activated Description Could not communicate with the VM agent for snapshot status. Steps to resolve the issues : 1. first disable the backup of machine which has issues. 2. then flow the below steps. In Azure VM --> C:\Packages\Plugins\Microsoft.Azure.RecoveryServices.VMSnapshot found that required metadata and other files were removed. Steps Performed to resolve the issue: Rename the Folder "Microsoft.Azure.RecoveryServices.VMSnapshot" available in C:\Packages\Plugins Copy the "Microsoft.Azure.RecoveryServices.VMSnapshot" folder from working machine Take Registry backup 4.Run registry key command one by one REG ADD "HKLM\SOFTWARE\Microsoft\BcdrAgent" /v IsProviderInstalled /t REG_SZ /d False /f REG ADD "HKLM\SOFTWARE\Microsoft\BcdrAgentPersistentKeys" /v IsCommonProviderInstalled /t REG_SZ /d False /f Restart Windows Azure guest ag...
Read more

Hidden or corrupted Outlook inbox Rule

Image
  Clearing Hidden or corrupted Outlook inbox Rule 1.   Overview This document is used as a guideline to delete corrupted, hidden inbox rules from a mailbox using MFCMAPI. 2.   Procedure 1.      Export all rules from your Outlook so that you may import them back after deleting all rules via MFCMAPI.   On your Outlook client, go to “File”> “ManageRules & Alerts”.     2.       Under E-mail Rules > go to “Options” > Export Rules > “Ok”.   3.       Download the latest version of MFCMAPI from the link below   (Please make sure you download the correct release for your Outlook client e.g. 32bit or 64bit version).        https://mfcmapi.codeplex.com/ 4.       Start MFCMAPI.EXE as Administrator.     5.       Go to “Tools” > “Options”.             6. ...
Read more