Sean:
A service account is an account created in Active Directory, usually with the option to have a password never expire, which is used for automated jobs or applications to use to take advantage of Active Directory.
For the LEM's AD connector, no special permissions are required, and it doesn't need to be a domain admin. The account is used just for directory queries.
