SharePoint 2019: Register Managed Account using PowerShell

In this post, we’re gonna show how to bulk–add and register Managed Account In SharePoint 2019 Using PowerShell.

You may also like to PowerShell Script: SharePoint Farm Scan Report

Applies To

• SharePoint 2019.
• SharePoint 2016.
• SharePoint 2013.

---

Managed Accounts in SharePoint

A Managed Account is an effective domain user account whose credentials are managed by SharePoint.

Which account should be registered as a Managed Account in SharePoint?

The below SharePoint Service accounts should be registered as “Managed Accounts” to be managed by SharePoint.

1. Farm Account.
2. Web Application Pool Account.
3. Service Application Pool Account.
4. Claims to Windows Token Service Account.

Which account shouldn’t be registered as a Managed Account?

The non-managed accounts include the following:

1. User Profile Synchronization Service Account.
2. Crawl Account.

You may also like to SharePoint 2019: Service Accounts Recommendations

---

Register Managed Accounts using Central Administration

To register an account as a managed account, you should do the following:

• Open SharePoint Central Administration as administrator.
• Below “Security”, “General Security”, click on “Configure managed accounts”.
• Click on “Register Managed Accounts” to add a new service account.
• Provide the Service account credentials,
• Select the “Enable automatic password change” to allow SharePoint to manage the password for the provided account as per your organization policy.
• Choose to “enable e-mail notifications” in order to have the system generate warning notifications about upcoming password change events.
• Specify a time and schedule for the system to automatically change the password.

Automatic password change enables SharePoint to automatically generate new strong passwords on a schedule you set.

If an account policy based expiry date is detected for the account, and the expiry will occur before the scheduled date and time, the password will be changed on a configured number of days before the expiry date at the regularly scheduled time.

Last Password Change for SharePoint Managed Account

Registering an account as a managed account will also help to track the last password change

Services running by a specific SharePoint Managed Account

Additionally, you can know which services are used by this account as shown below:

---

Assign Managed Account to a SharePoint Service

Registering an account as a Managed Account can also help to set the SharePoint Service Account for Application Service without providing its credentials again.

---

Register Managed Account using PowerShell

• Run SharePoint Management Shell as Administrator.

• Run the below cmdlets one by one.

$Password = "ddddd"
$Account= "epmsys\melqassas"
$pass = convertto-securestring $Password -asplaintext -force
$cred = new-object management.automation.pscredential $Account ,$pass
$res = New-SPManagedAccount -Credential $cred

You may also like to check more PowerShell scripts for SharePoint on GitHub

Bulk Register Managed Account using PowerShell

In this example, we’ll show how to bulk-register managed accounts from the CSV file.

• Download the bulk-register managed accounts script.
• Fill the download CSV template file with your accounts with this format: Domain\Username, Password.

• Run ISE as Administrator.
• Open the downloaded script file.
• Update the CSV file path, then click Run.

Script Output

You have two expected output result like the following:

1. In case, the account is not added to the Managed Account, you will get the below message:
   • ‘The User Account has been added successfully to Managed Account‘.
2. In case, the account is already added to the Managed Account, you will get the below message:
   • ‘The User Account is already added to Managed Account‘.

---

Conclusion

In conclusion, we have explained

• What’s Managed Account?
• Which account should be registered as a Managed Account?
• How to Register Managed Accounts
  • Using Central Administration?
  • Using PowerShell?
• Get Last Password Change for SharePoint Managed Account.
• Get Services running by a specific SharePoint Managed Account.
• How to bulk-register account as Managed Accounts using PowerShell?

Download

Download the full script on GitHub at PowerShell scripts for SharePoint on GitHub.

You may also like to read

• Get All Site Collections and SubSites Per Farm
• SharePoint 2019 Limitations

Have a Question?

If you have any related questions, please don’t hesitate to Ask it at deBUG.to Community.