Can someone give some insight into managing service accounts in a Windows environment (mostly 2012r2 and up). I have an upcoming task that will require me to change a bunch of service account passwords and I am not looking forward to it because I've done this kind of thing before in the past and it was a huge headache. I've used Secret Server before as a way of automating this process and it was mostly pretty good but at my current employer they don't have any tools yet to make this more automated.
I looked at some articles on the managed service accounts feature in Windows Server but I'm not clear on whether this is something that needs to be setup prior to having the service accounts running your applications. If I was to use MSA what are the limitations, can it be used to manage no Windows/Microsoft applications? Can MSA be used after the fact?
Appreciate any feedback or feel free to point me to some video tutorials on the subject. I'm going to attempt to test in my lab as well. Thanks!