This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 91%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJG%3C/text%3E%3C/svg%3E)
Windows Admin Center active directory requires you to connect to a DC for it to appear. As far as we can tell you must be a domain admin, however there are plenty of scenaiors like helpdesk where WAC would be useful to update user information without those users having domain admin rights. Is it possible to use WAC active directory extension without having domain admin rights?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 26%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGJ%3C/text%3E%3C/svg%3E)
After doing my own research, your answer should have been "you need to configure a JEA endpoint on the domain controller" and provide documentation for what minimum permissions and how to configure the JEA endpoint so that users can manage active directory without being a domain admin. That documentation doesn't exist as far as I can tell, so I guess I may need to write an article on it.
it would be great you can mark this as answer .
have a great day !
Thanks
kindly mark useful reply as answer which would also help other community members.
Have a great day!
Thanks a lot.
Thanks! This was very helpful! Did you ever create a documentation for this or actually implemented WAC with JEA?
Hello Justin @Justin Grote
Windows Admin Center supports the following end-user roles:
Reference article:
User access options with Windows Admin Center
Configure User Access Control and Permissions
Best Regards
Karlie
----------
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@Karlie Weng thank you for your reply but I don't think you read my request at all. I don't care about the Windows Admin Center roles, I care about the minimum Local Server permissions for Windows Admin Server users to connect to a Domain Controller to run the Active Directory Extension without needing to be Domain Admin
hi, sorry for that didn't help :(.