I have a question regarding admin Privileges for Onboarding.
Does the account used for “Create User” in Microsoft Active Directory via Orchestration really need Full Admin Privileges?
The installation guide mention either Administrator or Remote Management Users but is there another way?
The login credentials used in the app configuration should be either of an Administrator or an user who has been added to the built-in group “Remote Management Users”.”
Greetings from Freshservice!
Yes. The credentials for setting up the Microsoft On-Prem AD Orchestration App should be either from the Admin or or an user who has been added to the built-in group “Remote Management Users”.
The reason being , the Admin role would be having a write access to the AD server. For any request that is made from Freshservice , we would need to write it onto the server. We will not be able to use a non-Admin’s credentials for setting up the Orchestration Application.