SOLVED

change directory service account to group managed service account

Brass Contributor

Hello

Currently we are using a regular AD account for this. We want to change this to a group managed service account. What is the process for changing the directory service account to a group managed service account? Do I need to reinstall the agents?

1 Reply
best response confirmed by skipster311-175 (Brass Contributor)
Solution

@skipster311-175 

No need to reinstall the agents. Just create the gMSA in the domain, grant the computer accounts the permissions to retrieve its password, grant the gMSA the 'Logon as a service' privilege on the servers, and add the gMSA in the portal.

This is all documented in our docs: 

https://docs.microsoft.com/en-us/defender-for-identity/directory-service-accounts#how-to-create-a-gm... and https://docs.microsoft.com/en-us/defender-for-identity/install-step2 
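
The steps in the reply above, sketched in PowerShell as an added example (not part of the original post and not Microsoft's own script). The gMSA, group and computer names are placeholders, and the ActiveDirectory module is assumed to be installed where each part runs.

```powershell
# Added example. All names below are placeholders, not values from the thread.
Import-Module ActiveDirectory
$gmsaName  = 'mdiSvc01'            # hypothetical gMSA name
$groupName = 'mdiSensorHosts'      # hypothetical group holding the sensor servers
$sensors   = 'DC01$', 'DC02$'      # hypothetical computer accounts running the agent

# --- Part 1: run once in the domain, as an admin allowed to create service accounts ---
# gMSA passwords derive from a KDS root key; stop if the forest has none yet.
if (-not (Get-KdsRootKey)) { throw 'No KDS root key found; create one (Add-KdsRootKey) first.' }

# Limit password retrieval to the sensor hosts only, via a dedicated group.
New-ADGroup -Name $groupName -GroupScope Universal -GroupCategory Security
Add-ADGroupMember -Identity $groupName -Members $sensors
New-ADServiceAccount -Name $gmsaName `
    -DNSHostName "$gmsaName.$((Get-ADDomain).DNSRoot)" `
    -PrincipalsAllowedToRetrieveManagedPassword $groupName

# Review who can read the password; anything beyond the sensor group is excess access.
Get-ADServiceAccount $gmsaName -Properties PrincipalsAllowedToRetrieveManagedPassword |
    Select-Object -ExpandProperty PrincipalsAllowedToRetrieveManagedPassword

# --- Part 2: run elevated on each sensor server, after a reboot or Kerberos ticket
#     refresh so the new group membership is in the computer's token ---
if (-not (Test-ADServiceAccount -Identity $gmsaName)) {
    Write-Warning "$env:COMPUTERNAME cannot retrieve the password for $gmsaName"
}

# Check the 'Log on as a service' right (SeServiceLogonRight), normally granted by GPO.
# Only a direct assignment is detected; a grant through a group will still warn.
$sid = (Get-ADServiceAccount $gmsaName).SID.Value
$cfg = Join-Path $env:TEMP 'user_rights.inf'
secedit /export /cfg $cfg /areas USER_RIGHTS | Out-Null
$line = Select-String -Path $cfg -Pattern '^SeServiceLogonRight' | Select-Object -First 1
if (-not $line -or $line.Line -notmatch [regex]::Escape($sid)) {
    Write-Warning "$gmsaName ($sid) is not listed under SeServiceLogonRight on $env:COMPUTERNAME"
}
Remove-Item $cfg -ErrorAction SilentlyContinue
```

Adding the gMSA in the portal remains a manual step after both parts complete without warnings.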

 
