Some years ago I ran in to a problem where PowerShell had limited functionality when logged in as a Domain Admin. Specifically PowerShell couldn't modify the LocalMachine hive or add/delete/modify files in Program Files. My understanding was the Microsoft REALLY doesn't want you logging in as a DA. You should remote in to your servers, not log in, and no work done on a workstation should ever require Domain Admin. I think the firm where this was happening was also using Enterprise Windows, rather than the Pro that most firms use.
Now I have a customer whose outsourced IT uses only Domain Admins for doing workstation installs. And while all of their production machines use Pro licenses, the VM they set up for me to test on has an Enterprise license of 21H2, because that's the license they had available.
So I have two questions...
1: Am I going to have issues with with this VM if I am logged in as a Domain Admin account and trying to run PowerShell locally? And if so, is this (still?) an Enterprise issue?
2: It seems to me that not using a Domain Admin account for doing workstation software installs is best practice. Why have multiple people with DA credentials that are technically not needed? I am not in a position to tell their outsourced IT how to do things, but I would like to know that my advice to others to NOT use a DA is well founded. Assuming I am correct in this, a pointer to a Microsoft white paper that I can then point people to would also be very helpful.
And, to clarify, I use PowerShell to automate complex and extensive Autodesk installs, thus the question here under the PowerShell tag.
