none
Data Collection using managed service accounts RRS feed

  • Question

  • Is it possible to run a data collector set under a managed service account? I place the gMSA in the Performance Log Users group and set the primarygroup & principalsAllowedToRetrieveManagedPassword for the MSA containing the Domain Controllers of which I am attempting to configure the data collector set.  When I get done configuring the properties of the User defined data collector set (and selecting the MSA as the RunAs in the General tab), it asks me for the password of the MSA.  Obviously, I don't know this password so I cannot save my changes.  Is this possible and, if so, how do I get around being asked for the password of a MSA?
    Friday, November 4, 2016 3:59 PM

All replies

  • p.s., to create the MSA, I ran New-ADServiceAccount cmdlet with the -PrincipalsAllowedtoRetrieveManagedPassword "Domain Controllers" as well as the Add-ADComputerServiceAccount specifying the DC with the -identity parameter to the DC I am attempting to run the data collector.
    Friday, November 4, 2016 4:06 PM