Please do guide me with creation of service account. i want to use this account for sql installation and for other services.
import-module ActiveDirectory
dir "AD:CN=Managed Service Accounts,DC=mydomain,DC=com"
New-ADServiceAccount sqladminsvc -PrincipalsAllowedToRetrieveManagedPassword sqlgroup -DNSHostname sqlsrv2012.mydomain.com
Add-ADComputerServiceAccount -Identity sqlsrv2012 -ServiceAccount sqladminsvc -PassThru
or
Add-ADComputerServiceAccount -Identity sqlsrv2012 -ServiceAccount sqladminsvc
do i need to give passthru
on my sqlserver i have installed the service account.
1. from my domain controller when i type the below command i cannot see mysql server computer account binding.
PS C:\Windows\system32> Get-ADServiceAccount -Identity sqladminsvc | select HostComputer
HostComputers
-------------
{}
2. in the manage service account i can see my service account(sqladminsvc).do i need to give any king of privileges here like domain admins full control, do i need to add the computer account here. also for the security group which i created i just added
the computer account to it, do i need to give any more permissions
When i am running on domain controller
3. PS C:\Windows\system32> Test-ADServiceAccount sqladminsvc$
Test failed for managed service account sqladminsvc.If standalone managed service account, the account is linked to another computer object in the active directory. If the group managed service account, either this computer does not have the permission to use the group MSA or this computer doesnot support all the kerberos encrption types required for the gMSA
When i am running on sql server
PS C:\Windows\system32> Test-ADServiceAccount sqladminsvc$
TRUE