Solved

Managed Service Accounts Questiion

Posted on 2016-09-19
2
28 Views
Last Modified: 2016-10-08
What are the requirements for managed service accounts from the AD perspective?
Also, what should be the schema requirements?
Should there be at least (1) 2012 DC in the environment?
Does it only use that 2012 DC once it is established? Or all DCs in the environment?
0
Comment
Question by:IT_Admin XXXX
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 1

Accepted Solution

by:
Silverwolf earned 500 total points (awarded by participants)
ID: 41805638
Managed Service Accounts was introduced in 2008 R2. So as long as the domain functional level is at least at 2008 R2, you can use them. Group Managed Service Accounts however, were introduced in 2012. For those, you need the domain functional level to be at 2012.

The catch with the domain functional level is that all DC's need to have at least that OS or higher. So for a domain functional level of 2008 R2, you could have 2 DC's. One with a 2008 R2 OS and the other with 2012 OS. They just can't be an earlier edition of OS. See the links below for more details.


Managed Service Accounts:  https://technet.microsoft.com/library/dd548356(v=ws.10).aspx
Group Managed Service Accounts:  https://blogs.technet.microsoft.com/askpfeplat/2012/12/16/windows-server-2012-group-managed-service-accounts/
Domain Functional Level Requirements:  https://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels(v=ws.10).aspxhttps://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels(v=ws.10).aspx
0
 
LVL 1

Expert Comment

by:Silverwolf
ID: 41834903
Received this email:

 Hi Silverwolf,

The following question you participated in has been inactive for 14 days: Managed Service Accounts Questiion

No new comments can be added to the question. You can still help resolve it by choosing the comment(s) with the most merit and following the prompts to close the question.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question