Share via

Set-PAMConfiguration

Module:
MIMPAM Module

Updates PAM scenario configuration settings in the MIM Service.

Syntax

Default (Default) 

Set-PAMConfiguration
    [[-PrivUserPrefix] <String>]
    [[-RoleMaximalDuration] <TimeSpan>]
    [-RoleDefaultDuration <TimeSpan>]
    [[-ForestFunctionality] <ForestFunctionality>]
    [-UserAdminPasswordLength <Int32>]
    [-RequestExpirationInDays <Int32>]
    [-DefaultADContainer <String>]
    [[-RoleMinimalDuration] <TimeSpan>]
    [<CommonParameters>]

Description

Updates the configuration settings in the MIM Service database. These settings take effect for any subsequent New-PAMGroup, New-PAMUser or New-PAMRole calls.

Examples

EXAMPLE 1

Set-PAMConfiguration -RoleMaximalDuration (New-TimeSpan -Days 7) -RoleDefaultDuration (New-TimeSpan -Days 1)

This command changes two parameters of the PAM configuration in the MIM Service.

Parameters

-DefaultADContainer

Location in the PAM domain for new user and group objects to be created by New-PAMGroup and New-PAMUser.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ForestFunctionality

Windows Server Active Directory functional level of the PAM domain.

Parameter properties

Type:ForestFunctionality
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:5
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PrivUserPrefix

String prefix when creating user names.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:1
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-RequestExpirationInDays

Minimum number of days before a PAM request is deleted.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-RoleDefaultDuration

Default duration if the TTL parameter is not specified to New-PAMRole, minimum 3 minutes.

Parameter properties

Type:TimeSpan
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-RoleMaximalDuration

Duration limit for creating new PAM roles.

Parameter properties

Type:TimeSpan
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:3
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-RoleMinimalDuration

Duration limit for creating new PAM roles, minimum of 3 minutes.

Parameter properties

Type:TimeSpan
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:2
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UserAdminPasswordLength

Number of characters in passwords generated by New-PAMUser.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Outputs

Microsoft.IdentityManagement.PamCmdlets.Model.PAMConfiguration

Updated configuration.