none
Microsoft PAM- Privilege access manager RRS feed

  • Question

  • Hi Team,
    
    
    
    I need a little expert advice. I have a scenario where I have to implement PAM.
    
    Scenario Short and Simple:
    
    1. 1 main production forest abc.no and has a child domain pqr.abc.no all my user data and OUs are stored here.
    
    2. I have created a bastian forest xyz.priv and have a MIM Server installed in that domain.
    
    I now want to establish a trust as per microsoft documentation by running the command  
    
    New-PAMTrust -SourceForest "qbc.no" -credentials $ca.
    
    I wanted to know , by running this command will the trust be created with child domain pqr.abc.no as well ?
    
    Since as mentioned above this is where all my user data is and eventually, I need to migrate the admin user from this domain to my bastian forest. 
    
    
    
    Please assist with your inputs.
    
    Thank You.
    
    
     
    


    • Edited by Parin Das Thursday, February 7, 2019 1:19 PM
    Thursday, February 7, 2019 1:18 PM

All replies

  • The trust will be created at the forest level. This link talks about how to make this work with the child domain: https://blogs.technet.microsoft.com/fieldcoding/2017/05/09/privileged-access-management-demystified/

    Thanks,
    Brian

    Consulting | Blog | AD Book

    Friday, February 8, 2019 5:51 PM
    Moderator