Skip to content
This repository has been archived by the owner before Nov 9, 2022. It is now read-only.


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit

Fix markdown link to `DSC Resource` folder by using %20 to encode the space character that caused the broken link

Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Just Enough Administration Samples and Resources

Just Enough Administration (JEA) is a PowerShell security technology that provides a role based access control platform for anything that can be managed with PowerShell. It enables authorized users to run specific commands in an elevated context on a remote machine, complete with full PowerShell transcription and logging. JEA is included in PowerShell version 5 and higher on Windows 10 and Windows Server 2016, and older OSes with the Windows Management Framework updates.

This repository contains sample role capabilities created by the Microsoft IT team and the official DSC resource that can be used to deploy JEA across your enterprise. General information and documentation for JEA has migrated to MSDN.


JEA documentation has moved to MSDN -- check it out at! In addition to making the documentation easier to find and read, you can now contribute to the documentation by submitting pull requests to the staging branch.

DSC Resource

The JEA DSC resource can help you quickly and consistently deploy JEA endpoints across your enterprise. The JustEnoughAdministration DSC resource configures the PowerShell session configurations, which define the mapping of users to roles and general session security settings. Role capabilities belong to standard PowerShell modules, and can be deployed with the DSC file resource. Check out the [Demo Config](./DSC Resource/DemoConfig.ps1) for an example of how to deploy a JEA endpoint using these DSC resources.

Sample Role Capabilities

Microsoft IT have been working with JEA since its inception and have shared some of their role capabilities for general server and IIS maintenance/support. Check them out to learn more about how to create role capability files or download them to use in your own environment!


Please see the DSC contribution guidelines for information on contributing to this project.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.


Just Enough Administration



Code of conduct

Security policy





No releases published


No packages published