One of the more interesting new features of Windows Server 2008 R2 and Windows 7 is Managed Service Accounts. MSA’s allow you to create an account in Active Directory that is tied to a specific computer. That account has its own complex password and is maintained automatically. This means that an MSA can run services on a computer in a secure and easy to maintain manner, while maintaining the capability to connect to network resources as a specific user principal. The Windows Server 2008 R2 AD Schema introduces a new object class called msDS-ManagedServiceAccount. For further reading on Managed Service Accounts, check out: Service Accounts Step-by-Step Guide, and Managed Service Accounts, or read here.