jespernohr/group-managed-service-account.ps1

## group-managed-service-account.ps1
# use theese cmd-lets to create managed service accounts in Active Directory
# these new service accounts can be used on servers that share a specific computer group.

New-ADServiceAccount -name gmsa001 -DNSHostName gmsa001.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "Domain Controllers"
New-ADServiceAccount -name gmsa002 -DNSHostName gmsa002.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "Web Servers"
New-ADServiceAccount -name gmsa003 -DNSHostName gmsa003.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "SQL Servers"
New-ADServiceAccount -name gmsa004 -DNSHostName gmsa004.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "File Servers"
New-ADServiceAccount -name gmsa005 -DNSHostName gmsa005.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "RDS Servers"
	# use theese cmd-lets to create managed service accounts in Active Directory
	# these new service accounts can be used on servers that share a specific computer group.

	New-ADServiceAccount -name gmsa001 -DNSHostName gmsa001.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "Domain Controllers"
	New-ADServiceAccount -name gmsa002 -DNSHostName gmsa002.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "Web Servers"
	New-ADServiceAccount -name gmsa003 -DNSHostName gmsa003.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "SQL Servers"
	New-ADServiceAccount -name gmsa004 -DNSHostName gmsa004.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "File Servers"
	New-ADServiceAccount -name gmsa005 -DNSHostName gmsa005.contoso.com -PrincipalsAllowedToRetrieveManagedPassword "RDS Servers"