Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Active Directory - Service Accounts
Rating: 4.5 out of 5(30 ratings)
1,168 students

Active Directory - Service Accounts

Master Service Accounts in Active Directory
Created byDavid Horák
Last updated 4/2025
English

What you'll learn

  • Why domain user accounts as service accounts are a security risk.
  • How Kerberoasting works and how attackers steal service account passwords.
  • Differences between built-in Windows accounts like Local System & Network Service.
  • How Virtual & Managed Service Accounts (VSA/MSA) improve security.
  • Step-by-step setup of GMSA and transitioning from insecure service accounts.

Course content

1 section5 lectures35m total length
  • Introduction0:46
  • Active Directory - Service Accounts18:09
  • Active Directory - Service Accounts - Demo14:37
  • Free Resources0:29
  • Quiz
  • Outroduction1:09

Requirements

  • Beginner-friendly, but basic knowledge of Active Directory and Windows OS is recommended for the best learning experience
  • No prior security expertise is required—everything will be explained in depth

Description

Service accounts are essential for running applications and services in an Active Directory environment, but misconfigurations can leave your organization vulnerable. Using regular domain user accounts as service accounts is a dangerous practice that exposes your network to credential theft, Kerberoasting attacks, and privilege escalation.

In this course, we will explore the risks associated with service accounts and how to secure them properly. We will cover:

  • Common Misconfigurations – Why using domain user accounts as service accounts is a bad practice.

  • Kerberoasting Attacks – How attackers exploit weak service accounts and extract passwords.

  • Built-in Windows Accounts – Understanding Local System, Local Service, and Network Service accounts.

  • Virtual & Managed Service Accounts (VSA & MSA) – Secure alternatives to domain user account.

  • Group Managed Service Accounts (GMSA) – The best-practice approach to managing service accounts across multiple devices.

  • Live Demonstration – Watch a full step-by-step demo on how to extract passwords from service accounts and securely transition to GMSA.


By the end of this course, you will be able to properly manage service accounts, eliminate unnecessary risks, and implement best practices to protect your Active Directory environment. You will gain practical experience, improve security posture, and confidently defend against common threats targeting misconfigured service accounts and unwanted escalation paths.

Who this course is for:

  • IT Administrators managing Active Directory environments.
  • Security engineers securing Windows infrastructures.
  • Cybersecurity professionals assessing AD security risks.
  • Anyone responsible for securing authentication & service accounts.