Do you have a document you can share on steps to set up Microsoft Active Directory Group Managed Service Accounts (GMSA) for running the BigFix Server and platform services?
We’re trying to reduce the attack surface of traditional service accounts with passwords.
Thanks!
Nice that you’re trying this out… We’ve had it in our backlog for a while (various reasons for that).
I don’t think you’ll need any special documentation for the BigFix server services itself, just generic documentation would be applicable… but that does make me curious if GMSA would work with service accounts that use the BigFix API?