June 2017
Beginner to intermediate
742 pages
18h 29m
English
Content preview from Mastering Active Directory
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Group Managed Service Accounts
In the previous section, we talked about Managed Service Accounts. One Managed Service Account can be used with one computer only. But there are operation requirements which require the same service account to be shared in multiple hosts. Microsoft's network load balancer, the IIS server farm, is a good example of this. All the hosts in these server groups are required to use the same service principal for authentications. Group Managed Service Accounts (gMSA) provides the same functionalities as Managed Service Accounts, but it extends its capabilities to host group levels. This was first introduced with Windows Server 2012.
The gMSA has got the following capabilities:
- No password management
- Supports sharing ...