Hi, I wrote several advanced functions and put them into the script module. Everything works fine but I want to "give" some of these functions to my colleagues who are not domain admins allowing them to run these functions which make changes to target computers. These changes require administrative rights on target computers (any domain computer) i.e. domain admins privileges which of course they should not be given to.
Is it possible to "impersonate" domain admin account inside advanced function so when "ordinary" user runs function it will be executed under domain admin account under the hood? I know it is possible to do similar thing with custom endpoint configuration where I can specify what someone can do and at the same time to do that under account with elevated privileges - for example to allow ordinary user to enable/disable ad account without delegating permission to do that in Active Directory.
- Edited by BoxiKG 17 hours 45 minutes ago