After doing my own research, your answer should have been "you need to configure a JEA endpoint on the domain controller" and provide documentation for what minimum permissions and how to configure the JEA endpoint so that users can manage active directory without being a domain admin. That documentation doesn't exist as far as I can tell, so I guess I may need to write an article on it.
Windows Admin Center Active Directory Minimum Permissions
Windows Admin Center active directory requires you to connect to a DC for it to appear. As far as we can tell you must be a domain admin, however there are plenty of scenaiors like helpdesk where WAC would be useful to update user information without those users having domain admin rights. Is it possible to use WAC active directory extension without having domain admin rights?
3 answers
Sort by: Most helpful
-
-
Karlie Weng 18,276 Reputation points Microsoft Vendor
2021-03-05T08:18:04.47+00:00 Hello Justin @Justin Grote
Windows Admin Center supports the following end-user roles:
Reference article:
User access options with Windows Admin Center
Configure User Access Control and PermissionsBest Regards
Karlie----------
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. -
Grote, Justin 11 Reputation points
2021-03-05T16:36:13.233+00:00 @Karlie Weng thank you for your reply but I don't think you read my request at all. I don't care about the Windows Admin Center roles, I care about the minimum Local Server permissions for Windows Admin Server users to connect to a Domain Controller to run the Active Directory Extension without needing to be Domain Admin