locked
Installing TFS with Group Managed Service Account RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi There,

    I am trying to use Group Managed Service Account gMSA to install TFS Server. I am new to gMSA and assuming that they can be used to configure and run TFS.

    I have undertaken the below steps

    1. Created a TEST-TFS01 server with Windows Server 2012 R2
    2. Created a Security Group testdc\TfsServers & Added the TEST-TFS01 server to this group
    3. Created a gMSA called testdc\TfsService and (-PrincipalsAllowedToRetrieveManagedPassword testdc\TfsServers)
    4. On Server TEST-TFS01 ran Install-AdServiceAccount TfsService & Test-AdServiceAccount TfsService to install & test the gMSA on the host (TEST-TFS01) 

    Now how should i use the gMSA as the service account to run TFS? I have tired to use testdc\TfsService$ however the TFS Setup Wizard needs a password to continue.

    Thanks in Advance.

    Chinkit


    • Edited by bobragland Monday, February 24, 2014 6:29 AM
    Monday, February 24, 2014 6:28 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Chinkit, 

    Thanks for your post.

    Sorry that I’m not familiar with GMSA, but according the useable account type information in this TFS document: http://msdn.microsoft.com/en-us/library/ms253149.aspx, TFS Service account only support the local account, domain account, Local Service account in a workgroup or Network Service account in a domain.   

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    • Marked as answer by bobragland Monday, February 24, 2014 10:48 AM
    Monday, February 24, 2014 9:04 AM
    Moderator

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Chinkit, 

    Thanks for your post.

    Sorry that I’m not familiar with GMSA, but according the useable account type information in this TFS document: http://msdn.microsoft.com/en-us/library/ms253149.aspx, TFS Service account only support the local account, domain account, Local Service account in a workgroup or Network Service account in a domain.   

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    • Marked as answer by bobragland Monday, February 24, 2014 10:48 AM
    Monday, February 24, 2014 9:04 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote
    Is there any update on this. I'm currently trying to get TFS 2013 Update 4 installed running on top of MS SQL 2014. The SQL instance has no issues understanding and using the Active Directory Group Managed Service Accounts that I have created, however the installer for TFS is complaining because when specifying the accounts (domain\ServiceAccount$) since they are gMSA you dont need to specify the password, however the installer seems to be expecting one :-( Any work around here?!? Hoping Microsoft can leverage it's own technology....
    Wednesday, July 15, 2015 2:33 PM