Hi Octopus Support,
We recently created a new Octopus tentacle install script which also removes local admin rights from the tentacle service accounts we use. Instead we use the minimal level recommended in your documentation (registry location, Home directory, Running Service). However, there is this exception mentioned:
Additional permissions will be necessary depending on the kind of deployments Tentacle will perform (e.g. IIS configuration and so-on).
Is it possible–within the Octopus running process–to provide the tentacle service account temporary local admin rights on the server while it’s running IIS config deployments or other Windows related changes?
We are on version 2020.4.2.