What is a one sentence summary of your feature request?
Reduce permission requirement for Privilege Secure when targeting Active Directory.
Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.
Our documentations indicate that for targeting Active directory “Domain Admins” is a requirement.
"The following permissions are required for the service accounts:
For Active Directory and Windows member server/desktop management:
Membership in the Domain Administrators group in the target domain(s)"
I have a customer that wants to minimize Domain Admin membership.
What granular permissions should be set for Privilege Secure to be able to run all functionality with AD without Domain Admins?
How do you currently solve the challenges you have by not having this feature?
It is not currently possible to target active directory without “Domain Admins” permissions.