Although some versions of Active Directory Users and Computers (dsa.msc) may expose a schema option to add Managed Service Accounts (msDS-ManagedServiceAccount). You should not use this option. This option is exposed because it is a schema option, but should not be used because several required properties will not be attached to managed service accounts created in this manner. Instead, you should use PowerShell to create managed service accounts.
The following example demonstrates how to create a service account, SQL-SRV1, in the container Managed Service Accounts in the Fabrikam.com domain:
New-ADServiceAccount -Name SQL-SRV1 -Path "CN=Managed Service Accounts,DC=FABRIKAM,DC=COM"
New-ADServiceAccount SQL-SRV1 -AccountPassword (ConvertTo-SecureString -AsPlainText "p@ssw0rd" -Force) -Enabled $true -Path "CN=Managed Service Accounts,DC=FABRIKAM,DC=COM" -ServicePrincipalNames "MSSQLSVC/FABRIKAM-SRV1.FABRIKAM.COM:1456"
Examples from http://technet.microsoft.com/en-us/library/dd391964.aspx
This posting is provided "AS IS" with no warranties, and confers no rights.