![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 5%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
638 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 62%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDZ%3C/text%3E%3C/svg%3E)
Hello
Thank you for posting in Q&A forum.
Based on the description, you want to know test gmsa via Test-ADServiceAccount is true before you install gmsa via Install-ADServiceAccount, do you still need to install gmsa via Install-ADServiceAccount?
Based on my understanding,
Test-ADServiceAccount means checks readiness and proper delegation/permissions.
Install-ADServiceAccount means physically installs and registers the gMSA on the machine.
When you run Test-ADServiceAccount and get a True result, it means your computer is properly configured to retrieve and use that gMSA from Active Directory. However, Test-ADServiceAccount does not actually install the gMSA credentials locally—it only verifies that all prerequisites for using the gMSA are in place. In order for your services to actually use the gMSA, you still need to run Install-ADServiceAccount. It will install the necessary configuration on the local machine so that the operating system and services can authenticate using the gMSA.
Step-by-Step: How to work with Group Managed Service Accounts (gMSA)
I hope the information above is helpful.
If you have any questions or concerns, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.