PowerShell Admin mode - Access Controls and Security approaches

Tom Williams 21 Reputation points
2021-10-19T14:35:45.297+00:00

Anyone who has used PowerShell, knows that most operations require it to be run in an Elevated Admin Approved mode, otherwise many functions fail with obscure errors. However giving engineers or other power users full admin privileges akin to local administrator seems excessive. Is there a way to grant access to this functionality and still adhere to least privilege?
I typically create Privileged Engineer/Network/etc. accounts for those who need higher permissions when justified by appropriate paperwork. But as for the actual permissions and granularity in active directory/secpol. How does one split the difference.

V/R,
Tom Williams

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,103 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,811 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,435 questions
0 comments No comments
{count} votes

1 additional answer

Sort by: Most helpful
  1. Limitless Technology 39,481 Reputation points
    2021-10-20T09:08:33.133+00:00

    Hello anonymous user,

    Thank you for your question.

    It's something simple to be done, follow the steps below:

    1) Check the windows 10 version to determine the updates that need to be installed, for that do this action:

    Press the windows button on the keyboard + R and type: winver, after that a small box with some information should appear, one of them is the Version or Build.

    2) After that, access the link below to download the update according to version and Build:

    https://support.microsoft.com/en-us/topic/windows-10-update-history-1b6aac92-bf01-42b5-b158-f80c6d93eb11

    3) After verifying the update, you must download it from the Microsoft catalog through the link below:

    https://www.catalog.update.microsoft.com/Home.aspx

    example update name "KB5006670" just type that KB into the Microsoft Catalog and download the update.


    If the answer is helpful, please vote positively and accept as an answer.

    0 comments No comments