I have created GMSA in my prod environment using below command.
New-ADServiceAccount Prod$ -Prod$.dev.corp.com -PrincipalsAllowedToRetrieveManagedPassword TestGroup ( This is the command which ran on DC )
Here GMSA account name is = Prod$
Domain name = dev.corp.com
Group name = TestGroup
Also below commands ran on client servers as well.
Install-AdServiceAccount Prod$
Test-AdServiceAccount Prod$
When checked in Domain Controller found that the account is automatically created under GroupManagedServiceAccount folder.But we cannot find the user named 'Prod$
As this GMSA account created as " Prod$ " this giving some issues to development team for their testing.The reason is they want this account to be part of another group, when they are trying to add this account(Object Type : Users or Groups) they are getting message that an object named Prod cannot be found.
So my query here are
1) Is it possible to edit the existing GMSA "Prod$" account and make it as "Prod" ?
2) Is it possible to Edit/create this GMSA as a user/computer named 'Prod' with non-alphanumeric characters in it ?
Any help is much appreciated.