Windows Admin Center setup

 

Installation

On the WAC machine, run an elevated PowerShell prompt.

Start-BitsTransfer -Source https://aka.ms/WACDownload -Destination "$env:USERPROFILE\Downloads\WindowsAdminCenter.msi"

Start-Process msiexec.exe -Wait -ArgumentList "/i $env:USERPROFILE\Downloads\WindowsAdminCenter.msi /qn /L*v log.txt REGISTRY_REDIRECT_PORT_80=1 SME_PORT=443 SSL_CERTIFICATE_OPTION=generate"

This installs a self-signed certificate.

Use

In a web browser, navigate to https://<wacmachine>.

SSO

On a machine with the AD PowerShell module installed, run the following for every machine you want to administer using WAC.
Set-ADComputer -Identity Server -PrincipalsAllowedToDelegateToAccount (Get-ADComputer WAC)

This will not require a reboot of the server, but I've found that it will take a few minutes to take effect.

On the client machine, open Control Panel | Internet Options | Security tab. Add the WAC machine to the Trusted sites zone. Set the Trusted sites zone security level to Low.

https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/configure/user-access-control

References

https://github.com/MicrosoftLearning/AZ-800-Administering-Windows-Server-Hybrid-Core-Infrastructure/blob/master/Instructions/Labs/LAB_04_Using_Windows_Admin_Center_in_hybrid_scenarios.md

https://craigb-coursewarenotes.blogspot.com/2022/05/course-az-800.html