I've just set up a new gMSA on our domain, everything works fine except now that the password has expired, it will not update on the server. I am getting a logon failure for my services. This isn't a replication issue since it has been about 5 days since it had updated. So far it is happening across all 3 servers it was installed on - all Server 2019.
Test-ADServiceAccount returns true.
Asked
Active
Viewed 23 times
0
Adam
- 1
- 1
-
Is the account configured per this checklist? https://docs.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/getting-started-with-group-managed-service-accounts – Greg Askew Sep 12 '22 at 16:17
1 Answers
0
I believe this was due to the samAccountName being 16 characters total and the maximum it could be was 15. (15 + $ at end)
Adam
- 1
- 1