I
Ian-York
I created a kdsrootkey yesterday to allow me to create group managed service accounts for use with SQL Server.
I knew I had to wait for domain sync to occur, however, this morning I still cannot create a group. When I checked using the Get-KDSRootKey cmdlet, it indicated an Effective Time of 9 days hence. I think I did not specify a time or the -EffectiveImmediately parameter.
As I would like to do some testing, is there any way to reset the EffectiveTime or indeed delete the key and start again....or is it just a case of thumb twiddling for 9 days!
Regards
Ian
Continue reading...
I knew I had to wait for domain sync to occur, however, this morning I still cannot create a group. When I checked using the Get-KDSRootKey cmdlet, it indicated an Effective Time of 9 days hence. I think I did not specify a time or the -EffectiveImmediately parameter.
As I would like to do some testing, is there any way to reset the EffectiveTime or indeed delete the key and start again....or is it just a case of thumb twiddling for 9 days!
Regards
Ian
Continue reading...