Hello Experts,
I am working on a PAM deployment and would appreciate it if you could assist me with some of my queries:
1) MIM/PAM SharePoint 2016 High Availability
We are planning to use SharePoint 2016 servers for the MIM 2016 deployment for PAM, to allow users to request access through a GUI. With SharePoint 2013 Foundation (free), it was simple to just install the SharePoint component on each server. SharePoint 2013 mainstream support has ended this year, so management does not want to go with SharePoint 2013.
Could any of you please advise whether we should go with a SharePoint farm deployment with 2 FE and 1 clustered SQL instance as the backend for the MIM Portal, or whether SharePoint 2016 should be installed standalone on each MIM portal server?
2) PAM MFA (Bastion Forest)
We install PAM in the bastion forest, and it is recommended to integrate MFA with PAM to provide an extra layer of security. Do we need to sync bastion forest users with the Azure portal using AD Sync to assign them the Premium license for PAM MFA authentication, or would it work without syncing their bastion forest accounts with Azure?
Thanks!