Hi,

We have followed the MDI Deployment guide from Microsoft: https://learn.microsoft.com/en-us/defender-for-identity/deploy/deploy-defender-identity

We have also cross referenced this guide: https://jeffreyappel.nl/how-to-implement-defender-for-identity-and-configure-all-prerequisites/

The MDI Portal shows the gMSA account.

The MDI agents are running fine and reporting to the MDI Portal.

However, when we look at Services.msc on the Domain Controllers, the MDI agent runs under the security context of “Local Service” and not the gMSA account.

Can anyone advise us on whether this is correct? or should we see the gMSA account in Service.msc console? And what other config may be required to make it run under the gMSA account?

Thank you

SK

(screenshot below)

​Hi, We have followed the MDI Deployment guide from Microsoft: https://learn.microsoft.com/en-us/defender-for-identity/deploy/deploy-defender-identity We have also cross referenced this guide: https://jeffreyappel.nl/how-to-implement-defender-for-identity-and-configure-all-prerequisites/ The MDI Portal shows the gMSA account.The MDI agents are running fine and reporting to the MDI Portal.However, when we look at Services.msc on the Domain Controllers, the MDI agent runs under the security context of “Local Service” and not the gMSA account. Can anyone advise us on whether this is correct? or should we see the gMSA account in Service.msc console? And what other config may be required to make it run under the gMSA account? Thank youSK (screenshot below)     Read More

​