07-17-2014 10:58 AM
Are group managed service accounts or managed service accounts supported for the Backup Exec Windows Services?
Thanks for your help,
stwil
07-17-2014 12:01 PM
...as in?
07-17-2014 10:30 PM
Haven't come across any doc stating MSA or gMSA cannot be used. I guess, as long as it meets the following requirements, it should be OK.
http://www.symantec.com/business/support/index?page=content&id=TECH23689
Additionally, the main feature of these accounts is automatic password management, BE would not receive the password change from AD directly. You would have to manually make the change by editing the BE accounts and entering the new password.
07-18-2014 12:58 PM
VJWare, Thanks for the response. What do you mean by, "You would have to manually make the change by editing the BE accounts and entering the new password."? Is that in the application or services console?
Do the service account credentials need to be entered or stored anywhere within the application itself, or can they be just entered into the Windows Services console directly? If they don't need to be entered in the application, then gMSA should take care of the password change automatically.
Thanks,
stwil
07-18-2014 02:09 PM
BEutility can make the change you want. You can also enter the username/password into services.msc, but if that user doesn't exist within BE you might run into issues. ALso, you can look at Powershell scripting to do this if you want (if it is possible).
THanks!