Using a group-managed service account can be a valid choice when you want to authenticate to network resources, such as a database or a web service. However, this has implications regarding transcription and the traceability of actions. A gMSA might be used elsewhere, making auditing a mess. Additionally, this account might have too many rights. All actions are executed under the identity of one account, instead of personalized virtual accounts.