Does DHCP DNS Dynamic update registration credentials support the use of GMSA on Windows Server 2016?

Question

I am trying to find an automated method for all of our service accounts within the domain. One account is the DHCP service account used for dynamic registrataion of objects. I would like to convert this to a Group Managed Service Account so the password on the Advance Tab/Credentials no longer has to be updated? Is this possible and if so What is the process to configure it? If GMSA can't be used is there another method that can be used to automatically update the password for this service?

Accepted Answer

Hello

Thank you for your question and reaching out. I can understand you are having query related to DHCP DNS Dynamic update registration credentials.

I believe for DHCP it will not work as you have to specify a password for the DNS Dynamic Update Credentials in DHCP console while gMSA does not provide a password

------------------------------------------------------------------------------------------------------------------------------------

--If the reply is helpful, please Upvote and Accept as answer--

Answer

Hi,

The easy way to give DHCP permissions to update DNS is to put the account inside the DNSUpdateProxy group.

Cheers

Does DHCP DNS Dynamic update registration credentials support the use of GMSA on Windows Server 2016?

1 additional answer