How To Manage Active Directory Group Managed Service Accounts Using PowerShell

When Managed Service Accounts (MSA) were first introduced with Windows Server 2008 r2, many server administrators were extremely excited. until they read the fine print. MSA’s were only usable on a single server, meaning you’d have to create many for a single task across a farm, and they couldn’t be used to run Scheduled Tasks.Luckily their second iteration, Group Managed Service Accounts (gMSA) are much more usable AND useful!You can now create an appropriately privileged gMSA for a task and use it across an entire farm. You can now even use them to run Scheduled Tasks. That’s awesome news, but how do you get started?In this video, Josh will walk through the prerequisites for gMSA’s and will then demonstrate creating, using and removing one!

Prerequisites include: RSAT installed on the computer associated with the gMSA