3

I'm trying to use GMSA for SQL connection from AspNet core application. All the prep steps are done, but it appears it does not work. I guess the reason is that the application is started with "dotnet.exe myapp.dll" and it is not using LocalSystem or Network accounts, which are the only ones which are "proxied" trough the GMSA account.

Is there a way to start the app in the container under LocalSystem without resorting to windows service or using IIS?

I already tried to utilize sysinternal's "psexec64 -s" as an entry point, but it fails with:

Connecting to local system...Starting PSEXESVC service on local system...Connecting with PsExec service on
1B2887C13C61...Error establishing communication with PsExec service on 1B2887C13C61:
The handle is invalid.
Sunny Milenov
  • 21,990
  • 6
  • 80
  • 106
  • Any luck with this issue? I have a setup where IIS proxies my asp.net core 2 app but I fear I will run into the same problem. – jscheppers Apr 03 '18 at 20:00
  • @jscheppers if by "proxy" you mean hosting in IIS, then you should be fine, as IIS is running under supported account. – Sunny Milenov Apr 04 '18 at 19:03
  • Have you got any information on this? I am trying to do the same and gMSA does not work. – Alex K. Jun 29 '18 at 14:01

0 Answers0