NetRemoveServiceAccount function

The NetRemoveServiceAccount function deletes the specified service account from the Active Directory database if the account is a standalone managed service account (sMSA). For group managed service accounts (gMSAs), this function does not delete the account from the Active Directory database. The secret stored in the Local Security Authority (LSA) is deleted for both sMSAs and gMSAs, and the state is stored in the Netlogon registry store.

This function has no associated import library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Logoncli.dll.

Syntax


NTSTATUS WINAPI NetRemoveServiceAccount(
  _In_opt_  LPWSTR ServerName,
  _In_      LPWSTR AccountName,
  _In_      DWORD Flags
);

Parameters

ServerName [in, optional]

The value of this parameter must be NULL.

AccountName [in]

The name of the account to be deleted.

Flags [in]

This parameter can have the following value.

ValueMeaning
SERVICE_ACCOUNT_FLAG_UNLINK_FROM_HOST_ONLY
0x00000001

For sMSAs, the service account object is unlinked from the local computer and the secret stored in the LSA is deleted. The service account object is not deleted from the Active Directory database. This flag has no meaning for gMSAs.

 

Return value

If the function succeeds, it returns STATUS_SUCCESS.

If the function fails, it returns an error code.

Requirements

Minimum supported client

Windows 7 [desktop apps only]

Minimum supported server

Windows Server 2008 R2 [desktop apps only]

Header

Lmaccess.h

DLL

Netapi32.dll

See also

NetAddServiceAccount
NetEnumerateServiceAccounts
NetIsServiceAccount

 

 

Community Additions

ADD
Show:
© 2014 Microsoft