Once you've decided on the name for your gMSA, run the following cmdlets in PowerShell to create the security group and gMSA.
# Replace 'WebApp01' and 'contoso.com' with your own gMSA and domain names, respectively
# To install the AD module on Windows Server, run Install-WindowsFeature RSAT-AD-PowerShell
# To install the AD module on Windows 10 version 1809 or later, run Install-WindowsCapability -Online 'Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0'
# To install the AD module on older versions of Windows 10, see https://aka.ms/rsat
# Create the security group
New-ADGroup -Name "WebApp01 Authorized Hosts" -SamAccountName "WebApp01Hosts" -Scope DomainLocal
# Create the gMSA
New-ADServiceAccount -Name "WebApp01" -DnsHostName "WebApp01.contoso.com" -ServicePrincipalNames "host/WebApp01", "host/WebApp01.contoso.com" -PrincipalsAllowedToRetrieveManagedPassword "WebApp01Hosts"
# Add your container hosts to the security group
Add-ADGroupMember -Identity "WebApp01Hosts" -Members "ContainerHost01", "ContainerHost02", "ContainerHost03"
Member
48 Points
165 Posts
gMSA support OS?
Jul 02, 2019 08:06 AM|IamGuy84|LINK
Hi folks,
I am using Asp.net core with windows authentication and Docker (Linux server).
I have read https://www.axians-infoma.de/techblog/windows-authentication-in-docker-containers-just-got-a-lot-easier/.
gMSA support windows server but does gMSA support windows 10?
I am waiting for your response.
Thanks in advance
All-Star
18815 Points
3832 Posts
Re: gMSA support OS?
Jul 03, 2019 02:29 AM|Nan Yu|LINK
Hi lamGuy84,
I am not familiar with gMSA , but refer to link : https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/manage-serviceaccounts
Once you've decided on the name for your gMSA, run the following cmdlets in PowerShell to create the security group and gMSA.
Hope that helps.
Best Regards,
Nan Yu