I'm trying to add an AD Managed Service Account and my first attempt was as follows:
New-ADServiceAccount -DNSHostName VM-Backup-Service -Name "VM Backup" -samAccountName VM_Backup -Path "OU=AD_Managed_Service_Accounts,DC=company,DC=local"
This command basically hung, I think because I pointed DNSHostName to something non-existent because I didn't do enough reading. I then tried to correct it and point it at the master DC using it's FQDN:
New-ADServiceAccount -DNSHostName AUDC.company.local -Name "VM Backup" -SamAccountName VM_Backup -Path "OU=AD_Managed_Service_Accounts,DC=company,DC=local"
The problem I have now is that AD says the account already exists:
New-ADServiceAccount : The specified account already exists
Which would be no big problem, if I could actually find said account in order to remove it before re-adding it correctly. I've tried tracking it down with:
Get-ADServiceAccount -filter 'samAccountName -like "*VM_Backup*"'
Get-ADUser -filter 'samAccountName -like "*VM_Backup*"'
And the following returns nothing, which implies there are no Service Accounts in the domain?
Get-ADServiceAccount -filter *
If anyone has suggestions for ways to track it down, it would be much appreciated. The only hints I have is that I know I specified the samAccountName in the commands above, and the snippet of the CN=VM Backup that is returned when it says the account already exists:
New-ADServiceAccount : The specified account already exists
At line:1 char:1
+ New-ADServiceAccount -DNSHostName 1682-server-001.vpnsolutions.local ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceExists: (CN=VM Backup,OU...ompany,DC=local:String) [New-ADServiceAccount], ADIde
ntityAlreadyExistsException
+ FullyQualifiedErrorId : ActiveDirectoryServer:1316,Microsoft.ActiveDirectory.Management.Commands.NewADServiceAcc
ount
No comments:
Post a Comment