I just want to double check before possibly breaking something. I want to move the majority of created service accounts in AD to another OU (doing a clean up). I understand Exchange service accounts should stay put, but those that I've created, can these be moved to a different OU without breaking anything?
These will be moved within the same Domain, on Windows Server 2012.
Thanks
It depends!
If they're being used by something native to Windows (say, services or task scheduler or IIS app pools), then they're fine to move.
However, if they're being used as LDAP bind accounts (often in third-party software), there's a pretty good chance that something's hardcoded to the account's current distinguished name (which will change on move).
If you can, verify how the account's being used before moving it - and be ready to move it back in case something blows up.
