Set-PAMAuthenticationRestriction
Configure whether to enforce authentication policy that applies authentication restrictions to PAM service accounts.
Syntax
Set-PAMAuthenticationRestriction
[[-PrivDomain] <String>]
[[-Credentials] <PSCredential>]
[-Enforce] <Boolean>
[<CommonParameters>] Description
The cmdlet enforces the PAM authentication policy so that PAM service accounts are only allowed to authenticate on the designated PAM server.
Examples
EXAMPLE 1
Set-PAMAuthenticationRestriction -Domain "Priv" -Credentials (Get-Credential) -EnforcePolicy $trueDescription
This command enforces the PAM authentication policy. As the result, PAM service accounts are only allowed to authenticate on the designated PAM server.
Parameters
-Credentials
The credential used for the configuration of PAM authentication restriction, usually the PRIV domain admin credential is required.
| Type: | PSCredential |
| Position: | 2 |
| Default value: | The current logon user's credential |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Enforce
If true, authentication policy will be enforced.
| Type: | Boolean |
| Position: | 3 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PrivDomain
The name of the PRIV domain (NetBIOS or FQDN)
| Type: | String |
| Position: | 1 |
| Default value: | The name of the current logon user's domain |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |