Create a Managed Service Account using RSAT for Windows 8.1

I always forget this so I figure it is worthy of a blog post.

I use the RSAT for Windows 8.1 tools and the default, when creating a managed service account is that the account gets created as a group managed service account. So what is the parameter to make the account work on Windows 2008 r2 systems (since they don’t support gMSAs)?

new-adserviceaccount -restricttosinglecomputer

If, after creating the account you run a get-adserviceaccount notice that the objectClass is “msDS-ManagedServiceAccount” and not “msDS-GroupManagedServiceAccount”

