Closed Afsars12 closed 2 years ago
Ok I think the SID of the gMSA account will get captured during installation of domain and put that in pre-built script
You are correct, there is no need to update the gMSA if you use AMS to generate the script. It does this automatically for you.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs.
Hi Team,
I have a query regarding Delegate Microsoft LAPS password permissions using a script, Script says to simply change the $ou variable to the full DN on of the container than contains the computers we want to be able to access with AMS. But it does not say anything about the service account(gMSA) do we need to enter the SID of the gMSA in the script or do we need to leave it as is?
$serviceAccountSid = new-object System.Security.Principal.SecurityIdentifier "S-1-5-21-2997827111-2954209351-769455768-368483"
Kindly revert