gMSA support OS? [Answered] RSS

• • Reply
  IamGuy84

  Member

  52 Points

  172 Posts

  gMSA support OS?

  Jul 02, 2019 08:06 AM|IamGuy84|LINK

  Hi folks,

  I am using Asp.net core with windows authentication and Docker (Linux server). 
  I have read https://www.axians-infoma.de/techblog/windows-authentication-in-docker-containers-just-got-a-lot-easier/. 
  
  gMSA support windows server but does gMSA support windows 10?
  
  I am waiting for your response.
  
  Thanks in advance

• • Reply
  Nan Yu

  All-Star

  18815 Points

  3831 Posts

  Re: gMSA support OS?

  Jul 03, 2019 02:29 AM|Nan Yu|LINK

  Hi lamGuy84,

  I am not familiar with gMSA , but refer to link : https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/manage-serviceaccounts

  Once you've decided on the name for your gMSA, run the following cmdlets in PowerShell to create the security group and gMSA.

  # Replace 'WebApp01' and 'contoso.com' with your own gMSA and domain names, respectively
  
  # To install the AD module on Windows Server, run Install-WindowsFeature RSAT-AD-PowerShell
  # To install the AD module on Windows 10 version 1809 or later, run Install-WindowsCapability -Online 'Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0'
  # To install the AD module on older versions of Windows 10, see https://aka.ms/rsat
  
  # Create the security group
  New-ADGroup -Name "WebApp01 Authorized Hosts" -SamAccountName "WebApp01Hosts" -Scope DomainLocal
  
  # Create the gMSA
  New-ADServiceAccount -Name "WebApp01" -DnsHostName "WebApp01.contoso.com" -ServicePrincipalNames "host/WebApp01", "host/WebApp01.contoso.com" -PrincipalsAllowedToRetrieveManagedPassword "WebApp01Hosts"
  
  # Add your container hosts to the security group
  Add-ADGroupMember -Identity "WebApp01Hosts" -Members "ContainerHost01", "ContainerHost02", "ContainerHost03"

  Hope that helps.

  Best Regards,

  Nan Yu