none
Group managed service accounts for AD RMS and DNS Dynamic Update Credentials in DHCP

    Question

  • Hi,

    Can I use Group managed service accounts for AD 2012 R2 RMS service account and DNS Dynamic Update Credentials in DHCP failover?

    Thursday, March 9, 2017 7:17 AM

Answers

All replies

  • I think for DHCP it will not work as you have to specify a password for the DNS Dynamic Update Credentials in DHCP console while gMSA does not provide a password..

    but for AD RMS, I have two Windows 2012 R2 nodes with AD RMS role installed and load balanced by a hardware load balancer; is it applicable I configure a gMSA for the AD RMS service account?

     
    Thursday, March 9, 2017 7:50 AM
  • Hi,
    Based on my research, I have not found official document to say that GMSA doesn’t work in ADRMS. You could refer to the following article regarding the requirements of GMSA to see if ADRMS meets these requirements: https://technet.microsoft.com/en-us/library/hh831782(v=ws.11).aspx
     However, since the question is also related to ADRMS, I would suggest that you could also post the question in ADRMS forum.
    https://social.technet.microsoft.com/Forums/en-us/home?forum=rms
    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Proposed as answer by Wendy JiangModerator Monday, March 13, 2017 9:41 AM
    • Unproposed as answer by AhmadJY Tuesday, March 14, 2017 7:24 PM
    Friday, March 10, 2017 7:49 AM
    Moderator
  • I searched and I think it is not, reference to this article: https://technet.microsoft.com/en-us/library/jj128431(v=ws.11).aspx#BKMK_Update_gMSA , only below places are supported for assigning gMSAs:

    •  IIS application pool
    • Windows Services

    • Task Scheduler

    • Marked as answer by AhmadJY Friday, March 17, 2017 7:20 AM
    Friday, March 17, 2017 7:20 AM