I am looking to spin up new app servers for our install. And i am wondering if i can use gMSA (Group Managed Service Account) Accounts in this setup.
What i am looking to create a an environment where services account are not used with passwords and remove the need to logon.
is this something that I can achieve. while im still on prem.
Let me know what you all think.
The company I was at last implemented this. There is some powershell you have to run on each server to get that account available to use. Also look in EpicCare, there may be a KB that tells you how to do this.
I created a support ticket about a 2 years ago asking if gMSA accounts are supported or planning to, support said not currently.
We currently use gMSA for service accounts but in the Epicor Administration Console we have stuck with user and password.
Please let us all know if you find out anything.
Three times I have seen ransomware attacks its always leveraged a service account.