Create new user in domain activity not working after updating mid server service to GMSA account

dan167
Tera Guru

Hi everyone,

We are testing a new GMSA account for a mid server service, and a create new user in said domain flow is not completing after updating the credential in SN to use the mid server service account. I can run our password reset flow for the same domain and that works with the same GMSA account. The GMSA account has the same permissions in AD as the previous account.

When running the flow, it gets to the create user activity and then stops before it gets to the PowerShell part of the action. Almost like it does not know what connection alias to use.

Do you all know if we need to update anything in SN after switching over to a GMSA account in SN other than the credential?

Attached a few images of flow, action and mid server script.

When we flip the account back to a standard domain account and update the credential to where we type out the password and UID, the flow works.

Any assistance would be appreciated.

1 ACCEPTED SOLUTION

dan167
Tera Guru

Cannot use GMSA accounts with Active Directory Spokes

HSU
Tera Contributor

For more binding information: 
KB1217051 GMSA account for Microsoft AD Spoke - Support and Troubleshooting

This is not good news. 😑

williame
Tera Contributor

You can use the V1 spokes for gMSA 

Per SN they said we had to use an actual account with username and password. Does it only work with V1 because that is being deprecated?