Question

Can a non-domain joined VBR server use a gMSA?

K

Can non-domain joined VBR v12 servers use a gMSA?

All of our Veeam servers are off our domain, but can communicate with AD, and I'm exploring if I can use gMSA instead of a service account.

I've read the KB on gMSA for Veeam, but it's written in a way that tends me to believe its for domain joined VBRs servers. A few articles online show that non-domain joined containers can run gMSA, but doesn't read as if non-domain joined servers can do that or not.

https://helpcenter.veeam.com/docs/backup/vsphere/using_gmsa.html?ver=120

3 comments

MatzeB
Userlevel 3
Badge +2

Yes that’s possible. You need a client in the domain which you use as guest-interaction proxy. You can assign the role to this windows machine. Than the VBR server can be outside the domain.

 

Regards

Matze

Matthias Beller - VMCA2022/2020 | VMCE2021/2020 | Veeam Vanguard
Chris.Childerhose
Userlevel 7
Badge +18

Yes that’s possible. You need a client in the domain which you use as guest-interaction proxy. You can assign the role to this windows machine. Than the VBR server can be outside the domain.

 

Regards

Matze

This is exactly the way to solution this for your use case.

Chris Childerhose - VMCA2022 | VMCE2021 | Veeam Vanguard 6* | Veeam Legend | vExpert 4*| VCAP-DCV/VCP-DCV | MCITP | Twitter: @cchilderhose | NEW Site – https://justvirtualization.blog
Link State
Userlevel 7
Badge +7

@kyle.briski 

As already confirmed, you can use gMSA and execute ldap queries on the domain even if the VBR is not joined, just open the preparatory ports.

It is advisable to leave the VBR server in a workgroup, or join it to a management domain and not in the client/infrastructure domain you are trying to protect.
Regards

care it

 

Veeam: VMCA 2022 | VMCE 2020 | VMXP | Veeam Legend - Microsoft: MCITP | MCP | MCSA | 2008 R2 | 2012R2 | 2016 | MCSE Core Infrastructure | MCSE Cloud Platform - Azure: AZ900 | AZ104 - VMWare: VCP-DCV Vsphere 7.x 2022 - Cisco: CCNA (Expired)

Comment


Terms & Conditions