Breadcrumbs

Create a GMSA Account

The Group Managed Service Account (GMSA) account is required during the Active Directory Federation Services (AD FS) installation and configuration.

To create a GMSA account open a Windows PowerShell command window and type:

›_ PowerShell

 
C:\> Add-KdsRootKey -EffectiveTime (Get-Date).AddHours(-10)

C:\> New-ADServiceAccount FsGmsa -DNSHostName MS-ADFS.com - ServicePrincipalNames http/MS-ADFS.com
tmpwf2cdntp.jpg

Create a GSMA account