Managed Service Accounts

This article needs work. Please help update and extend it. If you add new managed service account topics, please add a link to the new topic at the bottom of this page.

Managed service accounts in Windows Server 2008 R2 and Windows 7 are managed domain accounts that provide the following features to simplify service administration:

Automatic password management.
Simplified SPN management, including delegation of management to other administrators. Additional automatic SPN management is available at the Windows Server 2008 R2 domain functional level.

To use managed service accounts, the client computer on which the application or service is installed must be running Windows Server 2008 R2 or Windows 7. In addition, a hot fix as described in KB 2494158: “Managed service account authentication fails after its password is changed in Windows 7 or in Windows Server 2008 R2" must be applied to the computer where the managed service account exists. One managed service account can be used for services on a single computer. Managed service accounts cannot be shared between multiple computers and cannot be used in server clusters where a service is replicated on multiple cluster nodes.

For more information about application requirements and configuration instructions for using managed service accounts, see the Service Account Step-by-Step Guide

For additional information, see:

Managed Service Accounts

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support by product

Other support links

Not an IT pro?