-
-
-
-
On-premises Active Directory service accounts
-
-
Migrate workloads between resource locations using Image Portability Service
-
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
On-premises Active Directory service accounts
An on-premises Active Directory service account is a container to store the user name and password of a privileged domain user account. The user account must have sufficient permissions to manage computer accounts in an Active Directory. Machine Creation Service can use this service account to do computer accounts related operations without entering the domain credentials every time.
Create an on-premises Active Directory service account
Create an on-premises Active Directory service account using Studio or PowerShell.
Prerequisite
To create an on-premises Active Directory service account, make sure to complete the following task:
- Create a domain user account in your Active Directory with sufficient permissions to create, update, and delete computer objects in your Active Directory or specific OUs.
Use Studio
- In the DaaS tile, click Manage.
- In the left pane, select Administrators.
- In the Service Accounts tab, click Create Service Account.
- On the Identity Type page, select On-premises Active Directory. Click Next.
- On the Credentials page, click Enter credentials to provide the username and password of a privileged domain user account which you want to use as the service account.
- Set the password expiration date or leave it as never expired.
- Select one or more scopes for this service account.
- Enter a friendly name and a description (optional) for the service account.
- Click Finish to complete the creation.
Use PowerShell
You can use PowerShell commands to create an on-premises Active Directory service. For example:
$credential = ConvertTo-SecureString -String $password -AsPlainText -Force
New-AcctServiceAccount -IdentityProviderType ActiveDirectory -IdentityProviderIdentifier test.local -AccountId test\svcacct_mcs -AccountSecret $credential -SecretExpiryTime 2030/08/15 -DisplayName 'scvacct_mcs' -Description 'Service account for test.local'
<!--NeedCopy-->
Note:
The
$password
is the matching password for the provided domain user account.
Perform machines identity-related actions
After an Active Directory or a Hybrid Azure AD based identity pool is associated with a service account, you can do various machines identity-related actions without requiring to enter the domain credentials.
-
To create a new identity account using a service account
New-AcctADAccount -IdentityPoolName MyPool -Count 2 -UseServiceAccount <!--NeedCopy-->
-
To repair the identity accounts using a service account
Repair-AcctADAccount -ADAccountName "Domain\account","Domain\account2" -UseServiceAccount <!--NeedCopy-->
-
To remove identity accounts using service account
Remove-AcctADAccount -IdentityPoolName MyPool -RemovalOption Delete -ADAccountName "Domain\account","domain\account2" -UserServiceAccount <!--NeedCopy-->
Where to go next
- To create on-premises Active Directory joined catalogs, see Identity pool of on-premises Active Directory joined machine identity.
- To manage service accounts, see Manage service accounts.
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.