Configuring Run As Accounts in VMM
Updated: January 15, 2013
Applies To: System Center 2012 - Virtual Machine Manager, System Center 2012 SP1 - Virtual Machine Manager
In System Center 2012 – Virtual Machine Manager, the credentials that a user enters for any process can be provided by a Run As account. A Run As account is a container for a set of stored credentials.
Only administrators and delegated administrators can create and manage Run As accounts. Read-only administrators can see the account names associated with Run As accounts that are in the scope of their user role.
The same restrictions on creating, managing, and viewing Run As accounts are in effect in both the VMM console and the VMM command shell. Delegated administrators and self-service users can only get objects that are in the scope of their user role and can only perform the actions that their user role allows.
Security for Run As accounts in VMM
System Center 2012 – Virtual Machine Manager uses the Windows Data Protection API (DPAPI) to provide operating system level data protection services during storage and retrieval of the Run As account credentials. DPAPI is a password-based data protection service that uses cryptographic routines (the strong Triple-DES algorithm, with strong keys) to offset the risk posed by password-based data protection. For more information about DPAPI architecture and security, see Windows Data Protection.
During the installation of a VMM management server, you can configure System Center 2012 – Virtual Machine Manager to use Distributed Key Management to store encryption keys in Active Directory Domain Services (AD DS). For more information, see Configuring Distributed Key Management in VMM.
In This Section
Use the procedures in this section to perform the following tasks.
Describes how to create Run As accounts
Describes how to disable and enable a Run As account to temporarily prevent its use.
Describes how to delete a Run As account.
For additional resources, see Information and Support for System Center 2012.
Tip: Use this query to find online documentation in the TechNet Library for System Center 2012. For instructions and examples, see Search the System Center 2012 Documentation Library.