How do I use long names to refer to Group Managed Service Accounts (gMSA)?

Commonly domain user accounts are used as service accounts.

Yes, and no. Domain user accounts are commonly used as service logon accounts. This specific use of user accounts is not really the same as a Managed Service Account.

Anyways, the Managed Service Account object class does in fact have a userPrincipalName, but it doesn't seem to get populated by default when you create a new managed service account.

The New-ADServiceAccount cmdlet accepts a parameter called OtherAttributes which allows you to set account attributes by LDAP Display Name:

New-ADServiceAccount -Name longName -sAMAccountName truncname -OtherAttributes @{'userPrincipalName'="[email protected]"}

Best way to provide redundant switching/links to server

SonicWall and Windows CA

How to stop Postfix from accepting mail to [email protected]

Sudden and permanent increase in CPU input voltage, core temperature and fan speed without corresponding increase in load

LXC container with bridge networking exposes fake MAC address to external network

Amazon Linux pecl_http installed but not providing functions

How do I create a custom header from an existing SSL environment variable?

Restart idmapd without rebooting the host?

Upgrading Postgres.app 9.1 to 9.2, getting lc_collate values do not match error

How to give non-root user in Docker container access to a volume mounted on the host

What is React component 'displayName' is used for?

Integrating POP3 client functionality into a C# application?

How do I use long names to refer to Group Managed Service Accounts (gMSA)?

Related

Recent Posts