Maybe this one helps.
https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview
--please don't forget to upvote
and Accept as answer
if the reply is helpful--
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
Is there a way to identify an windows Active Directory service account and where it is been used and for which service?
Regards,
Saras.
Maybe this one helps.
https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview
--please don't forget to upvote
and Accept as answer
if the reply is helpful--
Hi,
Thank you for your question and reaching out.
I understand that you wanted to identify a Windows Active Directory service account and where it is been used and for which service. However, Microsoft is strict when it comes to accounts and we cannot double-check that on our end. Instead, your option here is to check it on your end using the steps from this link: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/service-accounts-on-premises
-------------------------------------------------------------------------------------------
If the reply was helpful, please don’t forget to Upvote or Accept as answer. Thank you!
Hi,
From an AD object stand point there is no difference between a normal user and a service account. Depending on your environment, usually the naming convention for the accounts is used to identify them, or a separate OU for service accounts.
Using only the native AD tools the only way to identify where accounts have logged on from is the event logs on the domain controllers and you will need to enable auditing to see this information, see this page - https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/basic-audit-logon-events
Gary.