What is a one-sentence summary of your feature request?
Allow the use of gMSA accounts to configure the SQL database via the Configuration Tool.
Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.
When deploying Netwrix Directory Manager in customer environments subject to strict security constraints, using traditional accounts with credentials (login/password) can be problematic or even prohibited.
Currently, although NDM supports gMSA (Group Managed Service Accounts) for certain use cases, it is not possible to use them when configuring the SQL database connection via the Configuration Tool Wizard (section “Database Settings” > “Account Credentials”).
This limitation raises several issues:
- Non-compliance with customer security policies (no password storage)
- Increased complexity in managing service accounts
- Operational risk related to password management and rotation
Adding gMSA support for SQL connections would enable:
- Better integration with secure environments
- Reduced risks associated with credentials
- Simplified administration
How do you currently solve the challenges you have by not having this feature?
Currently, we must use standard service accounts with passwords for SQL connections, which requires:
- Secure storage of credentials
- Manual management of password rotation
- Exceptions to security policies in certain environments
In some cases, this blocks or significantly complicates the deployment of the solution.
