Create gMSA
Description
This playbook automates the creation of a Group Managed Service Account (gMSA) in Active Directory. It sets up necessary variables, processes the list of delegated servers using a PowerShell script, and then creates the gMSA with the specified properties.
The playbook ensures the gMSA is placed in the correct OU, assigns permissions for password retrieval to the processed servers, and uses domain credentials for authentication.
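One way the two steps described above (processing the server list, then creating the gMSA) could look in PowerShell. This is an added example, not the playbook's own script: the parameter names are assumptions that mirror the Input table, and the `DNSHostName` value is an assumed naming convention.

```powershell
# Added illustration; not the playbook's script. Parameter names are hypothetical.
param(
    [Parameter(Mandatory)] [string] $GmsaIdentity,      # gmsa_identity
    [Parameter(Mandatory)] [string] $GmsaOuPath,        # gmsa_ou_path
    [Parameter(Mandatory)] [string] $GmsaTarget,        # gmsa_target, e.g. "SRV01, SRV02"
    [Parameter(Mandatory)] [string] $GmsaDomain,        # gmsa_domain
    [Parameter(Mandatory)] [pscredential] $Credential,  # domain_user / domain_password
    [ValidateSet('yes', 'no')] [string] $WhatIfMode = 'yes'  # whatif
)

Import-Module ActiveDirectory
$ErrorActionPreference = 'Stop'

# Split the comma-separated list, trim whitespace and a trailing '$',
# then drop empty entries and duplicates.
$names = $GmsaTarget -split ',' |
    ForEach-Object { $_.Trim().TrimEnd('$') } |
    Where-Object { $_ } |
    Sort-Object -Unique

if (-not $names) { throw 'gmsa_target contains no server names.' }

# Resolve every name to an existing computer account before creating anything,
# so a typo never ends up as an unintended or missing password-retrieval principal.
$principals = foreach ($name in $names) {
    try {
        (Get-ADComputer -Identity $name -Server $GmsaDomain -Credential $Credential).DistinguishedName
    } catch {
        throw "Computer account '$name' not found in $GmsaDomain; gMSA was not created."
    }
}

$params = @{
    Name        = $GmsaIdentity
    DNSHostName = "$GmsaIdentity.$GmsaDomain"   # assumption: <name>.<domain>
    Path        = $GmsaOuPath
    # Only the listed servers may retrieve the managed password.
    PrincipalsAllowedToRetrieveManagedPassword = $principals
    Server      = $GmsaDomain
    Credential  = $Credential
    WhatIf      = ($WhatIfMode -eq 'yes')        # check mode: report, change nothing
}
New-ADServiceAccount @params
```

`New-ADServiceAccount` fails for a gMSA if the domain has no KDS root key, so that prerequisite has to be in place before the first run.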
Credentials
- sys_ansibel_aapwin
Input
| Variable | Description |
|---|---|
| gmsa_identity | Name of the gMSA to create |
| gmsa_ou_path | Distinguished Name (DN) of the target OU |
| gmsa_target | Comma-separated list of servers for delegation |
| gmsa_domain | AD domain name |
| domain_user | Domain username for authentication |
| domain_password | Domain password for authentication |
| whatif | Run in check mode (yes/no) |
Output
None