gMSA winrm authentication in powershell

asked 2020-08-31T05:17:57.45+00:00
Meena S 1 Reputation point

How do we use gMSA credentials for remoting another server in same domain

Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
4,612 questions
No comments
{count} votes

2 answers

Sort by: Most helpful
  1. answered 2020-08-31T08:49:46.37+00:00
    Stoyan Chalakov 8,731 Reputation points Microsoft MVP

    Hi,
    you can't as you don't have the password.
    How to use gMSA account with Powershell

    From:
    Group Managed Service Accounts Overview

    "When a gMSA is used as service principals, the Windows operating system manages the password for the account instead of relying on the administrator to manage the password."

    and

    "The Key Distribution Service shares a secret which is used to create keys for the account. These keys are periodically changed. For a gMSA the domain controller computes the password on the key provided by the Key Distribution Services, in addition to other attributes of the gMSA. Member hosts can obtain the current and preceding password values by contacting a domain controller."

    and

    "gMSAs provide a single identity solution for services running on a server farm, or on systems behind Network Load Balancer. By providing a gMSA solution, services can be configured for the new gMSA principal and the password management is handled by Windows."

    ----------

    (If the reply was helpful please don't forget to upvote or accept as answer, thank you)

    Best regards,
    Stoyan

    No comments

  2. answered 2020-09-01T02:28:40.873+00:00
    Ian Xue (Shanghai Wicresoft Co., Ltd.) 18,351 Reputation points Microsoft Employee

    Hi,
    You need to use the password. For more details about gMSA you may refer to this link
    https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview#BKMK_OVER

    Best Regards,
    Ian

    No comments