I have created an NPS Server (not on a domain controller). It is registered in Active Directory. However I keep getting errors. Event ID 4402 - There is no domain controller available for domain
If I add the NPS Server's AD Computer account to the Domain Admins group. It works fine, no errors and authenticates users without issue.
Obviously for security reasons I can't have this computer account as a Domain Admin. So my question is:
What permissions does an NPS Server need in AD if it is not installed on a Domain Controller?