Lab
A Cloud Guru

Create and Deploy a Group Managed Service Account (gMSA)

In this hands-on lab, you will learn how to create and deploy a group Managed Service Account.

Try for free Contact sales

Path Info

Level

Intermediate

Duration

45m

Published

Jan 17, 2022

Challenge

Configure the Environment

Log in to both VMs and then join the dev-vm to corp.SandyNetworking01.com.
Challenge

Configure the KDS Root Key

Next, we need to configure our KDS root key.

Helpful Hint: Keep in mind that you have to set it back 10 hours or it won't take effect when you need it to.
Challenge

Create a Global Group

Create a global group named SandyGroup and add both servers into this group.
Challenge

Create a New gMSA

We are ready to create the group Managed Service Account. In this objective, create a gMSA and include SandyGroup as the principal allowed to retrieve the managed password.
Challenge

Test the gMSA

Finally, we will test the gMSA by creating a task in the scheduler that opens Notepad.exe using the gMSA instead of standard computer privileges.

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.