This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
This article says "Create a dedicated service account. Create a dedicated user/service account in the Active Directory forest that is located in the identity provider organization."
But gives no information about what rights this service account needs. Is it a Domain User account, a Domain Admin or does it need to be a member of any particular security group?
Answer accepted by question author
Any standard domain account can be used as a service account for AD FS. Group Managed Service accounts are also supported. The permissions required at runtime will be added automatically when you configure AD FS.
https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/overview/ad-fs-requirements#BKMK_4
--please don't forget to upvote and Accept as answer if the reply is helpful--
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Thanks Dave!
You're welcome.
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
