Idea Details

Windows Nimbus service to use group Managed Service Account (gMSA)

Last activity 14 hours ago
Andrew Cooper's profile image
06-24-2019 05:00 AM

We would like The Windows "Nimbus Robot Watcher" Service to be supported using AD "group Managed Service Account" (gMSA) in addition to currently only supporting a AD standard user account.

gMSA's are designed to be used by windows services to manage the password used by the account (so it does not need to be managed manually by a normal AD user account). While also limiting the account so that it cannot be used for an interactive login (not required for a service).  For additional information see https://blogs.technet.microsoft.com/askpfeplat/2012/12/16/windows-server-2012-group-managed-service-accounts/

Regards, Andrew