[SOLVED] Use gMSA account in TFS pipeline

Use gMSA account in TFS pipeline

Can we use gMSA account in TFS Release pipeline? I am trying to use gMSA account for 'Windows Machine File Copy' task but since I don't have the password for gMSA account, I specify an empty string.

But when I run, I get the following error

[error]Failed to Create PSDrive with Destination: '\Servername\D$\Path', ErrorMessage: 'Access is denied'

Solution

Thanks for reaching out. gMSA account, currently not supported in TFS.

However, there has been a related user voice:

Support for Active Directory Group Managed Service Accounts

https://developercommunity.visualstudio.com/idea/365494/support-for-active-directory-group-managed-service.html

You could vote up and track the process, our PM will kindly review any feature request.

If there is not a specific reason you need to run a gMSA account, you could use local system admin account and domain account instead.

Admin Login:

The username of either a domain or a local administrative account on the target host(s).

Formats such as domain\username, username, and machine-name\username are supported.
UPN formats such as username@domain.com and built-in system accounts such as NT Authority\System are not supported.