LogoLogo
  • WorkSpaces Manager Administration Guide for Version 6
  • Introduction
  • USER Section
    • User Dashboard
    • Change Password
  • ADMIN Section
    • Admin Dashboard
    • User Preferences
    • WorkSpaces Personal
    • WorkSpaces User Tab
    • Metrics
    • WorkSpaces Pools
    • Secure Browser
    • Users
    • Task Queue
    • Update
    • Reports
  • CONFIGURATION Section
    • Settings
      • Licensing
      • Enterprise Settings
      • Active Directory (Single or Multiple Domains)
      • WorkSpaces (Personal)
      • WorkSpaces (Secure Browser)
      • WorkSpaces (Pools)
      • Amazon Web Services
      • Remote Service Account
      • Email
      • Auto Change Compute Type
    • Schedule Rebuild
    • Schedule Start
    • Fixed Tags
    • AP Profiles
    • Custom Password Module
    • Branding
  • RESOURCES Section
    • Bundles
    • Directories
    • Regions
    • Images
    • Email Templates
  • SECURITY Section
    • Portal Users
    • Roles
  • SUPPORT Section
  • Appendices
    • Cost Optimizer Verification
    • How do I create a WorkSpace for a user?
    • Adding a single new user and creating them a WorkSpace
    • Copy an existing user and creating them a WorkSpace
    • Creating a WorkSpace from a user already in Active Directory
    • Auto-Provision by AD Group
    • Auto-Provision by Entra Group
    • Temporary WorkSpaces
    • Adding Another Domain
    • Multi AWS Accounts
      • Testing Multi-Accounts
      • KMS Multi-Accounts
    • Active Directory Service Account FAQ
Powered by GitBook
On this page
Export as PDF
  1. Appendices

Active Directory Service Account FAQ

PreviousKMS Multi-Accounts

Last updated 24 days ago

Under what scenarios modify, create or delete actual user objects? It can create users only.

Under what scenarios does WSM modify, create or delete actual user groups? It only modifies user groups to remove a user when a workspace is terminated after being created via an AutoProvision profile.

Under what scenarios does WSM modify, create or delete computer objects? It modifies the description of a computer object to add the friendly name when the option is toggled on in settings. Objects are created by Amazon during workspace creation. We only remove the computer object when the option is toggled on in settings, otherwise it is orphaned. At this point we only list orphaned objects but do not manipulate them.

The answers above are based on a delegated service account, and are therefore subject to the permissions and OU restrictions placed on the service account in your AD environment.