SharePoint 2019: Register Managed Account using PowerShell

bulk-add Managed Accounts In SharePoint 2019 Using PowerShell

In this post, we’re gonna show how to bulkadd and register Managed Account In SharePoint 2019 Using PowerShell.

Configure Manged Accounts in SharePoint 2019

You may also like to PowerShell Script: SharePoint Farm Scan Report

Applies To

  • SharePoint 2019.
  • SharePoint 2016.
  • SharePoint 2013.

Managed Accounts in SharePoint

A Managed Account is an effective domain user account whose credentials are managed by SharePoint.

Which account should be registered as a Managed Account in SharePoint?

The below SharePoint Service accounts should be registered as “Managed Accounts” to be managed by SharePoint.

  1. Farm Account.
  2. Web Application Pool Account.
  3. Service Application Pool Account.
  4. Claims to Windows Token Service Account.

Which account shouldn’t be registered as a Managed Account?

The non-managed accounts include the following:

  1. User Profile Synchronization Service Account.
  2. Crawl Account.

You may also like to SharePoint 2019: Service Accounts Recommendations


Register Managed Accounts using Central Administration

To register an account as a managed account, you should do the following:

  • Open SharePoint Central Administration as administrator.
  • Below “Security”, “General Security”, click on “Configure managed accounts”.
  • Click on “Register Managed Accounts” to add a new service account.
  • Provide the Service account credentials,
  • Select the “Enable automatic password change” to allow SharePoint to manage the password for the provided account as per your organization policy.
  • Choose to “enable e-mail notifications” in order to have the system generate warning notifications about upcoming password change events.
  • Specify a time and schedule for the system to automatically change the password.
Register Manged Accounts in SharePoint 2019

Automatic password change enables SharePoint to automatically generate new strong passwords on a schedule you set.

If an account policy based expiry date is detected for the account, and the expiry will occur before the scheduled date and time, the password will be changed on a configured number of days before the expiry date at the regularly scheduled time.

Last Password Change for SharePoint Managed Account

Registering an account as a managed account will also help to track the last password change

Last Password Change for SharePoint Service Account

Services running by a specific SharePoint Managed Account

Additionally, you can know which services are used by this account as shown below:

Farm components using by service account

Assign Managed Account to a SharePoint Service

Registering an account as a Managed Account can also help to set the SharePoint Service Account for Application Service without providing its credentials again.

Configurable Service Accounts in SharePoint 2019

Register Managed Account using PowerShell

  • Run SharePoint Management Shell as Administrator.
Open SharePoint 2016 PowerShell - Upgrade and Migrate to Project Server 2016
  • Run the below cmdlets one by one.
$Password = "ddddd"
$Account= "epmsys\melqassas"
$pass = convertto-securestring $Password -asplaintext -force
$cred = new-object management.automation.pscredential $Account ,$pass
$res = New-SPManagedAccount -Credential $cred
Register Managed Accounts using PowerShell in SharePoint 2019

You may also like to check more PowerShell scripts for SharePoint on GitHub

Bulk Register Managed Account using PowerShell

In this example, we’ll show how to bulk-register managed accounts from the CSV file.

CSV template file for sharepoint accounts
  • Run ISE as Administrator.
  • Open the downloaded script file.
  • Update the CSV file path, then click Run.
Run PowerShell Script in SharePoint

Script Output

You have two expected output result like the following:

  1. In case, the account is not added to the Managed Account, you will get the below message:
    • The User Account has been added successfully to Managed Account‘.
  2. In case, the account is already added to the Managed Account, you will get the below message:
    • The User Account is already added to Managed Account‘.
register Managed Account Using PowerShell  In SharePoint 2019

Conclusion

In conclusion, we have explained

  • What’s Managed Account?
  • Which account should be registered as a Managed Account?
  • How to Register Managed Accounts
    • Using Central Administration?
    • Using PowerShell?
  • Get Last Password Change for SharePoint Managed Account.
  • Get Services running by a specific SharePoint Managed Account.
  • How to bulk-register account as Managed Accounts using PowerShell?
Download

Download the full script on GitHub at PowerShell scripts for SharePoint on GitHub.

You may also like to read

Have a Question?

If you have any related questions, please don’t hesitate to Ask it at deBUG.to Community.

1 thought on “SharePoint 2019: Register Managed Account using PowerShell”

  1. Pingback: SharePoint 2019: Service Accounts Recommendations | SPGeeks

Leave a Reply