Using a Group Managed Service Account (gMSA) for a scheduled task

Solution 1:

The answer has been blogged here: http://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx

Blog now archived here: https://web.archive.org/web/20130627015803/http://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx

The short version is to use the Register-ScheduledTask PowerShell cmdlet combined with New-ScheduledTaskPrincipal -LogonType Password -UserID YourDomain\YourgMSA$.

Solution 2:

I like @JasonStangroome answer but I would like to complete it a bit.

Complete command for a task that will run 14.00 on weekdays only and a description of the task in Task Scheduler.

$action = New-ScheduledTaskAction "C:\Applications\Service\Service.exe"
$trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Monday, Tuesday, Wednesday, Thursday, Friday -At 14:00
$principal = New-ScheduledTaskPrincipal -UserID domain\user$ -LogonType Password
Register-ScheduledTask Service -Description "Do service stuff" –Action $action –Trigger $trigger –Principal $principal

Note that this task from now on needs to be edited via Powershell, GUI can not be used. Also remember that the user needs access to the application it will be running. Service accounts are normally not searched for in Windows, this needs too be added specifically like this:

Solution 3:

In-case someone has this for Server 2016/2019, I had to do the following to set via the Task Scheduler GUI:

1. In the Change User or Group... dialog, change From this location to Entire Directory
2. Set Object Types to just Service Accounts (this option will only appear if on a domain location)
3. Used Advanced to find the gMSA account, or type just the name without $ or the domain prefix