windows-powershell-docs icon indicating copy to clipboard operation
windows-powershell-docs copied to clipboard

Published 20 hours ago verified publisher icon MicrosoftDocs

Install-ADServiceAccount not required with gMSA

Open joheynek opened this issue 5 years ago • 3 comments

I notice the article indicates that this command is used for a standalone service account but also to cache a gMSA account. There are no further referenced to gMSA in the article and from my experience the install-adserviceaccount command is not required for gMSA accounts. Can this be verified and updated in the document as I have seen some contradictory blogs out in regards to this command. [Enter feedback here]

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

joheynek avatar Sep 09 '20 09:09 joheynek

This functions "installs" the gMSA https://docs.microsoft.com/en-us/windows/win32/api/lmaccess/nf-lmaccess-netaddserviceaccount

Looks like it's only cacheing credentials for gMSAs that would get cached on first use anyway.

ckrueger1979 avatar May 27 '21 08:05 ckrueger1979

From Steve Syfuhs, working with Windows and Authentication at Microsoft:

It does nothing. It’s a literal no-op. A gMSA is not bound to the machine like an MSA. There is no offline anything. It just doesn’t have a password until it can talk to a DC.

Source: https://twitter.com/SteveSyfuhs/status/1707271067293917606

martinsohn avatar Sep 28 '23 09:09 martinsohn

To make it easier for you to submit feedback on articles on learn.microsoft.com, we're transitioning our feedback system from GitHub Issues to a new experience.

As part of the transition, this GitHub Issue will be moved to a private repository. We're moving Issues to another repository so we can continue working on Issues that were open at the time of the transition. When this Issue is moved, you'll no longer be able to access it.

If you want to provide additional information before this Issue is moved, please update this Issue before December 15th, 2023.

With the new experience, you no longer need to sign in to GitHub to enter and submit your feedback. Instead, you can choose directly on each article's page whether the article was helpful. Then you can then choose one or more reasons for your feedback and optionally provide additional context before you select Submit.

Here's what the new experience looks like.

Note: The new experience is being rolled out across learn.microsoft.com in phases. If you don't see the new experience on an article, please check back later.

First, select whether the article was helpful:

Image showing a dialog asking if the article was helpful with yes and no answers.

Then, choose at least one reason for your feedback and optionally provide additional details about your feedback:

Article was helpful Article was unhelpful
Image showing a dialog asking how the article was helpful with several options. Image showing a dialog asking how the article wasn't helpful with several options.

Finally, select Submit and you're done!

officedocspr5 avatar Dec 08 '23 03:12 officedocspr5