Did you ever get anywhere with this? I'm hoping to leverage GMSAs as well. Specifically, I don't want to have to give a standard user / service account domain admin access. GMSAs seem like a good alternative. Just assign it to the group "domain controllers" and let AD manage the password. I haven't set anything up yet but I see a problem already...
How can I use a managed service account in a system that requires entry of a password?
I am also looking into this and was wondering if either of you found a way to use GMSA's as windows creds... I levitated to the exact same situation...can't add creds without a password. I'm thinking this simply won't work, but would greatly appreciate to see where you guys resulted. Please reply when you can...Thanks, Tony
I didn't get anywhere with it unfortunately. I think it's just a limitation that will have to be addressed as a feature request. For now, we've been creating normal user IDs as "service" accounts then removing rights and disabling interactive login with GPO. Not ideal in the slightest.
Hi, we have the same need - and want to use a gMSA for access to active directory.
I did a support case on this, but the replay was:
Unfortunately, this feature (Use Windows Managed Account for monitoring) is not available in our product at this moment.
I create a Feature Request for your request.
So I guess, it is now a feature-request .
Have a good day - AWR