New Probe Configuration Guidance: Using a gMSA for N-central Probe

Written and published by Robbie Swartenbroekx

Please note: This configuration comes as unsupported but wanted to share this with you because it is working in the field for many partners.

We now have documented guidance for configuring an N-able Probe to run with a Group Managed Service Account (gMSA). This approach replaces manually managed service account credentials with an Active Directory-managed account that is better suited for secure service execution. The guide covers the required setup on the domain controller, creation of the gMSA and host group, and the member server steps needed to switch the service to the gMSA. For new probe deployments, the recommendation is to install the probe as Local Service first and then update it to use the gMSA. The document also includes an optional scheduled task example.

This guide documents how to configure an N-able Probe to use a Group Managed Service Account (gMSA) for more secure and lower-maintenance service authentication, including setup steps on the domain controller and member server.

Added Guidance for configuring an N-able Probe to run under a Group Managed Service Account (gMSA) Domain controller steps for creating the gMSA and assigning approved hosts Member server steps for updating a service to use the gMSA Recommendation for new probe installs to start as Local Service and then transition to the gMSA

New guidance is available for running N-able Probe with a gMSA, reducing manual password management and improving service account security. The document covers setup on both the domain controller and the member server, along with recommended handling for new probe installs.

Download the doc here: https://files.n-able.com/ncentral/NC-Docs/Using%20Group%20Managed%20Service%20Accounts.pdf