Active Directory
--
Questions
--
Followers
Top Experts
Hi everyone,
Currently me & entire IT team responsible for servers, network, firewall using dedicated PAW for each personnel with no domain, internet, or email access to manage critical systems.
Soon, we'll be using PAM to manage all privileged accounts across our infrastructure.
My question is:
Do we still need to use PAW after implementing PAM or should we access PAW through PAM and manage the PAW account through PAM as well?
Would love to hear your recommendations on this!
Thanks in advance!
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
Thank you expert.
PAM solution uses proxy connection. Does it add any value?
PAM is a proxy itself.
YEs it add value to protect unauthorised user from direct access to server using stolen or weak password. PAM even have audit trail and capture on the activities which unauthorised user cannot delete away as compared to w/o it, it can be deleted off the target server.
If you have PAM, what you will tradeoff is depending on local audit trail, strong authentication by server which privileged user can simply disable them since they have direct access.
By the time you find out things are messed up in server, you would probably be left with nothing to investigate since the abuse has deleted all traces.
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
Active Directory
--
Questions
--
Followers
Top Experts
Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.