Done various searches and I believe I have everything right, but things still aren't working correctly.
I've installed the gMSA and get a true when running Test-ADServiceAccount. I've added the account to the Log on as a batch job in local security policy. (yes, I did IIS Reset)
I've tried putting the gMSA in as both domain/account and simply account, but I'm still getting an invalid identity error. (Id 5021 and 5057)
Are there any other rights or anything else I may have missed?
I've read some articles that reference putting something in a docker file. Being a bit new to IIS I'm not sure where it is, let alone exactly what to put in, or if this would actually solve my problem. Most of the file references are to a C:/ProgramData, but I don't have such a folder.