4/10/2023 0 Comments Windows admin center gateway![]() ![]() Also, there doesn't seem to be any GPO setting for this (or at least I couldn't find it). Unfortunately, this doesn't seem to be an actual ACL on the computer object thus it doesn't seem possible to handle this with an ACL at the OU or domain level. i used wget to get the latest admin center MSI inside server core via rdp then ran openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate. However, what we would like is for this to be automated: when a new server is joined to the domain, the WAC gateway should automatically be granted a Kerberos delegation to manage it. Of course, this can easily be scripted for multiple servers. Set-ADComputer $server -PrincipalsAllowedToDelegateToAccount $wac $server = Get-AdComputer "Managed Server Name" This requires setting up Kerberos constrained delegation to allow WAC to operate on the servers on behalf of the users this is well documented, and works this way: $wac = Get-AdComputer "WAC Server Name" We want to use Windows Admin Center to manage our environment WAC will run on a dedicated server in gateway mode, and administrators will manage servers through WAC.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |