Managed Accounts are Active Directory user accounts whose credentials are managed by and contained within SharePoint. Managed Accounts in SharePoint are new in 2010. Managed Accounts allow you to implement password changes across all services in the farm. You create these accounts in Active Directory and then register these accounts in SharePoint, allowing you to use these accounts in services and web applications.
We will be using Managed Accounts in the creation of our PowerShell farm and many of the script that will be used on this site will require their setup.
The Get-SPMangedAccount will return a list of the Managed Accounts for the Farm.
The New-SPManagedAccount will allow you to map an Active Directory account to SharePoint and then manage the account through SharePoint.
The Remove-SPManagedAccount will remove the SharePoint mapping to the Active Directory account.
The Set-SPManagedAccount cmdlet sets the properties on the given managed account. You can use this cmdlet to change the password expiration and notification settings for the managed account.
You can use the Get-SPManagedAccount to retrieve a list of all over your managed accounts.
Once an account is added to Active Directory, you can use the following PowerShell script to add a new Managed Account.
$cred = Get-Credential
New-SPManagedAccount –Credential $cred
When this code is executed, it will prompt you for the account you wish to use, as indicated in Figure 2.
Once this completes, you can run the Get-SPManagedAccount to get an updated list.
To remove the account, you may use the Remove-SPManagedAccount as follows:
You will be prompted prior to removing the account, as shown in Figure 4.