This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 22%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZZ%3C/text%3E%3C/svg%3E)
I like to change my SQL service account to gMSA, in order to do that I need install the gMSA account on the server.
However, to run Install-ADServiceAccount, I need run Install-WindowsFeature AD-DOMAIN-SERVICES. this will add AD features, and after install the server keeps reminding me to promote to DC, this is annoying and I have to remove the AD features after.
I am asking if it is possible to install the AD service account remotely? so that I don't have to install AD-Domain services on each sql server where I change to gMSA.
PS C:\SQL> Install-ADServiceAccount serviceaccountgmsa
Install-ADServiceAccount : The term 'Install-ADServiceAccount' is not recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is
correct and try again.
At line:1 char:1
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Ok, gotcha now. In your case, you may need to install the AD module.
https://learn.microsoft.com/en-us/previous-versions/technet-magazine/gg413289(v=msdn.10)?redirectedfrom=MSDN
https://devblogs.microsoft.com/scripting/active-directory-week-get-started-with-active-directory-powershell/
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Sorry, no update. I thought I replied to you that without install the AD feature cannot run Install-ADServiceAccount : The term 'Install-ADServiceAccount' is not recognized
I don't see my reply.
I will probably log a ticket with Micrsoft, though the MS support is painful long process before reaching a real subject master who can really support.
Understood, In your case, you may need to install the AD module.
https://learn.microsoft.com/en-us/previous-versions/technet-magazine/gg413289(v=msdn.10)?redirectedfrom=MSDN
https://devblogs.microsoft.com/scripting/active-directory-week-get-started-with-active-directory-powershell/
--please don't forget to upvote and Accept as answer if the reply is helpful--
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 59%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECT%3C/text%3E%3C/svg%3E)
As @Anonymous metioned, you could only install the AD Powershell tools and it will be ok.
Install-WindowsFeature -Name RSAT-AD-Powershell
hth
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
thank you accepted your answer.
You're welcome.
@Anonymous ,
Can we just install the PowerShell RSAT module in one laptop and then execute the command against all of the servers to install the gMSA ?
Hi. Before running the "Install-ADServiceAccount servicegmsa" command, you should install RSAT tools for Active Directory Powershell. Run the following command:
Install-WindowsFeature RSAT-AD-PowerShell
After a few seconds, RSAT tools will install on your server. Then you can install and test SQL service account with the following commands:
Install-ADServiceAccount servicegmsa
Test-ADServiceAccount servicegmsa
@Esmaeil Yazdani ,
Do we need to install the RSAT-AD-PowerShell module on the server where the gMSA must run?
Yes you need to install it for using "Install-ADServiceAccount" on your servers
Thank you @Esmaeil Yazdani .
Also you can use the guides provided in the following website to create gmsa account graphically:
You can provision the gMSA in your existing active directory environment then it will be available to use on your domain joined SQL server.
https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/getting-started-with-group-managed-service-accounts#BKMK_Step1
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
thanks for answering. the gMSA account has already set up and applied to a few domain joined SQL servers, however, you need run Install-ADServiceAccount command to install the gMSA account, without installing the AD feature, you cannot run the install AD service account command, as the error message shown in my post.
