Allow a blank user name and password in the connection configuration for AD
说明
In order to use an Active Directory Group Managed Service Account (gMSA), it must be possible to leave the user name and password blank in the configuration of an Active Directory (AD) connection, thus forcing authentication via the currently logged on user. The sync editor and AD connection configuration do not allow this.
原因
This is a product defect (#32693).
解决办法
WORKAROUND: None STATUS: This is fixed in version 8.1.3 and above. For older versions, please contact Support and ask for a copy of the fix for 32693.
变更请求
32693
其他信息
After upgrading to version 8.1.3, 8.2.0, or higher, If a gMSA is needed for running the sync, configure the job service to run as gMSA and leave the credentials of the component empty.
The sync component itself cannot retrieve the credentials of the gMSA at runtime.