Questions about PAM and Priv Domain

  • Question

  • I am just wondering. We have MIM2016 running on the production domain. Now we want to test the PAM feature.

    Should we install the PAM feature for the Priv Domain and not for the production domain, which already has MIM2016 installed?

    Wednesday, July 6, 2016 7:58 AM

Answers

  • Hello,

    Yes, currently the PAM scenario is different from the MIM IDM scenario.

    So you need to have a dedicated Priv forest with only the PAM components and MIM Service in it.

    You don't need to have Sync or Portal installed, as all management will go over PowerShell.

    There is a current CTP on Connect with a PAM single forest scenario, but this is still in development and for testing only.

    But keep in mind that the dedicated forest scenario is a more secure solution.

    /Peter


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    • Marked as answer by 2xTsei Wednesday, July 6, 2016 12:14 PM
    • Unmarked as answer by 2xTsei Thursday, July 7, 2016 10:28 AM
    • Marked as answer by 2xTsei Thursday, July 7, 2016 10:30 AM
    Wednesday, July 6, 2016 8:04 AM

All replies

  • Hello,

    Yes, currently the PAM scenario is different from the MIM IDM scenario.

    So you need to have a dedicated Priv forest with only the PAM components and MIM Service in it.

    You don't need to have Sync or Portal installed, as all management will go over PowerShell.

    There is a current CTP on Connect with a PAM single forest scenario, but this is still in development and for testing only.

    But keep in mind that the dedicated forest scenario is a more secure solution.

    /Peter


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com


    Yeah, that was what I thought. Thanks.
    Wednesday, July 6, 2016 12:14 PM