Hello MIM Experts,
Is there any way to manage time based local administrator group permission with MIM 2016?
I have google it and found one option that
Create domain group for each workstation(like localadmin_MC1, localadmin_MC2......etc) and through AD group policy add these groups to the local administrator of each workstation. WIth the help of MIM 2016 PAM feature we can create role for each domain group and manage time based local administrator group membership. But we have 100k workstations in our environment and creating 100k domain groups are not best practice.
Now the question is, do we have another option available for this requirement?
BR