Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,288 questions
AzureStorageAccount ComputerAccount password do not expire
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 67%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDK%3C/text%3E%3C/svg%3E)
Daniel Kaliel
1,231
Reputation points
Here is the scenerio. We have created a ComputerAccount associated with our AzureStorageAccount so that Kerberos could utilize AES256. We have two-factor authentication in place even for users on-premise which requires an OTP password.
How can I set the ComputerAccount so the password does not expire because their is no method to run an automated script that will also grab the OTP for the account to log into Azure as part of running the Update-AzStorageAccountADObjectPassword script.
Or, do we need to scrap AES256 for Kerberos and run with a ServiceAccount where we can set the password to not expire?
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 36%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SaiKishor-MSFT 16,936 Reputation points2022-04-01T09:24:16.467+00:00 @Daniel Kaliel Are you using on-premise AD DS or Azure AD DS? Please refer this link that talks about Maximum machine account password age which might be helpful(setting it to 0 so that the computer no longer needs to change their passwords).
-
Daniel Kaliel 1,231 Reputation points
2022-04-01T20:38:38.193+00:00 on-premise. We are just going to stick with the service account.
Thank you for your reply.
-
Sumarigo-MSFT 40,561 Reputation points Microsoft Employee2022-04-11T06:01:25.163+00:00 @Daniel Kaliel May I know which Azure Storage Service are you using(Blob, Queue or File)?
Authorize access to blobs using Azure Active Directory
This article explain detailed information : Authorize requests to Azure Storage
Sign in to comment