Group Managed Service Account for Server Monitoring
gopogoc
Posts: 3 New member
Hi, I am trying to use gMSA account for monitoring servers, different one that Base Monitor is using.
But it still asks for password (account has $ at the end of it) and cannot add server to monitor using gMSA account.
Please do check attached file, and advise how to use gMSA for SQL Server monitoring, thanks
Tagged:
Answers
We don't technically support gMSA accounts for monitoring unless the SQL Monitor Base Monitor service is set to use one and then you use the "(Use Base Monitor Account)" option. This would only allow one gMSA for all entities though.
However, it appears that it may work if you have the base monitor service running as Local System then on the Configuration > Monitored servers page when you are adding the server, if you select the radio button option for "Specify a Windows account" and enter the gMSA user name there (e.g. domain\myGMSAName$), and use "_SA_{262E99C9-6160-4871-ACEC-4E61736B6F21}" as the password (I don't think you enter the double quotes, but see https://social.technet.microsoft.com/Forums/en-US/9c88e74d-0710-46a0-8eb8-d0fcd9d18191/how-to-impersonate-as-group-managed-service-account-gmsa-in-application?forum=winserverDS) and also use WinRM HTTP or WinRM HTTPS (as DCOM doesn't work) then it may work to allow you to use a different gMSAs for different monitored entities.
Kind regards,
Alex
Have you visited our Help Center?