How can we improve the management tools and experience in Windows Server?

[RBAC] [JEA] [Security] Implement a possibility to configure individual JEA roles in Windows Admin Center

We need custom role support for adding custom defined JEA roles in Windows Admin Center!

195 votes
Sign in
Sign in with: Facebook Google
Signed in as (Sign out)

We’ll send you updates on this idea

Miriam Wiesner shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Sign in with: Facebook Google
Signed in as (Sign out)
  • Sean@svc commented  ·   ·  Flag as inappropriate

    Please provide RBAC feature when manage cluster through Windows Admin Center.
    We are using Hyper-V clusters with SOFS clusters.It is not proper to use local or admin when we try to deligate different admin role to different operator, such as Hyper-V admin, SOFS admin, Backup admin, CAU admin.
    It will be good to have these RBAC in cluster level and just apply to the cluster,no single server.

  • Jon Fox commented  ·   ·  Flag as inappropriate

    +1 to Kurt's comment, as my customer is deeply involved with their current development of roles and JEA endpoints and with the decision looking as if WAC WILL BE part of their future administrative tool set, this may be more of a requirement than an ask.

  • Kurt Roggen [BE] commented  ·   ·  Flag as inappropriate

    Or low hanging fruit... support existing JEA end-points and allow WAC to connect to them (to support scenarios such as HelpDesk, etc). JEA roles are always specific per role and per organisation.

  • Matt Hitchcock commented  ·   ·  Flag as inappropriate

    Windows Admin Center should support connecting to custom JEA Endpoints, this basically solves the RBAC complexity in enterprises

  • Michael Rüefli commented  ·   ·  Flag as inappropriate

    By providing credentials, add support to provide JEA endpoint name. JEA support is crucial.
    Even better if available modules on the endpoint would be enumerated and non-available features get greyed out (optional).

  • Kurt Roggen [BE] commented  ·   ·  Flag as inappropriate

    Also fits into vision of providing RBAC capabilities.
    Example: support engineers can only see file & print mgmt aspects and can only perform actions defined in JEA.

  • J0F3 commented  ·   ·  Flag as inappropriate

    This is something thats abosultely needed in a modern infrastructure. Just full admin access of evryone to anythng is not anymore the way to go.

Feedback and Knowledge Base