Group managed service accounts (gMSAs) can be used in Device42 as a means to perform credential-less discovery of Windows devices via WMI.
By using a gMSA, you will not need to store Windows user account credentials in Device42.
This is achieved by configuring the WDS to run under the gMSA and permissioning the gMSA as you would normally for Windows discovery.
See Benefits of gMSAs for information on the advantages of using a gMSA.
Architecture Diagram
Assumptions
You have designated a Windows host to install the Windows Discovery Service (WDS) on.
Please note that the host must meet the following requirements:
OS must be at Windows 8.1 Windows Server 2012 R2 Windows Embedded 8.1 Industry Enterprise Windows Embedded 8.1 Industry Pro) or above
OS must be on the latest OS patch level
Host must be domain joined
You have administrator privileges to a domain controller in order to create the KDSRootKey (if one does not exist already) and configure the gMSA and/or any related security groups
Comments
0 comments
Article is closed for comments.