Set-PAMConfiguration

Updates PAM scenario configuration settings in the MIM Service.

Syntax

Set-PAMConfiguration
   [[-PrivUserPrefix] <String>]
   [[-RoleMaximalDuration] <TimeSpan>]
   [-RoleDefaultDuration <TimeSpan>]
   [[-ForestFunctionality] <ForestFunctionality>]
   [-UserAdminPasswordLength <Int32>]
   [-RequestExpirationInDays <Int32>]
   [-DefaultADContainer <String>]
   [[-RoleMinimalDuration] <TimeSpan>]
   [<CommonParameters>]

Description

Updates the configuration settings in the MIM Service database. These settings take effect for any subsequent New-PAMGroup, New-PAMUser or New-PAMRole calls.

Examples

EXAMPLE 1

Set-PAMConfiguration -RoleMaximalDuration (New-TimeSpan -Days 7) -RoleDefaultDuration (New-TimeSpan -Days 1)

Description


This command changes two parameters of the PAM configuration in the MIM Service.

Parameters

-DefaultADContainer

Location in the PAM domain for new user and group objects to be created by New-PAMGroup and New-PAMUser.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ForestFunctionality

Windows Server Active Directory functional level of the PAM domain.

Type:ForestFunctionality
Position:5
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-PrivUserPrefix

String prefix when creating user names.

Type:String
Position:1
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RequestExpirationInDays

Minimum number of days before a PAM request is deleted.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RoleDefaultDuration

Default duration if the TTL parameter is not specified to New-PAMRole, minimum 3 minutes.

Type:TimeSpan
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RoleMaximalDuration

Duration limit for creating new PAM roles.

Type:TimeSpan
Position:3
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RoleMinimalDuration

Duration limit for creating new PAM roles, minimum of 3 minutes.

Type:TimeSpan
Position:2
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-UserAdminPasswordLength

Number of characters in passwords generated by New-PAMUser.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Outputs

Microsoft.IdentityManagement.PamCmdlets.Model.PAMConfiguration

Updated configuration.