Knowledge Base

Our dedicated Product Specialist team is always ready to help you when you need it the most. Contact Support

How to impersonate the gatekeeper managed service account for troubleshooting

If you are an administrator using Specops Authentication, and you want test a reset as the managed service account, this article will walk you through how to use PsExec.exe to impersonate that account.

  1. Download PsTools from https://download.sysinternals.com/files/PSTools.zip
  2. Unzip the content and copy PsExec.exe to C:\Windows\System32
  3. Open a Command Prompt as admin and enter the command below:
Psexec.exe -u {yourdomain}\{yourgatekeeperserviceaccount} -I cmd.exe

By using PsExec.exe you will open the new Command Prompt in the System Context and the account doing all the operations will be the gatekeeper service account.

When prompted for a password, leave it blank and hit Enter

This will launch a new window in which you can utilize the command below to confirm you are using the gMSA

whoami

You will then want to launch powershell to be able to reset the password

powershell

then you will type in the command to reset to test user password reset

Set-ADAccountPassword -identity username -reset

It will then ask you to type in the password and confirm and it will reset

Publication date: March 7, 2024
Modification date: March 7, 2024

Was this article helpful?

Related Articles