Privileged Access Management Training Course – PAM in MIM (A640)

"Worth flying in from the US for! I got a great understanding of what PAM is, and what it will do to keep our company safe."

Giovanny N - attended public class in person, 2017

Live Instructor-Led Course

Join the class in person, or connect to the class in real time over the internet from wherever you are in the world (via Skype).

£495 / $650 / €580

Available as a private course

If you have a number of people to train, we'll come to you to train you at a location of your choice. Contact us

This course is for technical staff – engineers, developers and technical architects – who want to maximise security by implementing MIM’s Privileged Access Management (PAM).

No MIM experience? No problem! Relevant concepts will be covered. However, to implement PAM successfully, we recommend that you also take our MIM Foundation course (available as a live classroom course and as an online course).

What does the course cover? Through presentations, discussions, demonstrations and exercises, the course will cover the following areas:

  • Introduction to Privileged Access Management: What Privileged Access is, how to recognise it, threats and consequences of identity theft and possible countermeasures.
  • MIM PAM Concepts and Components: User experience and underlying technology in MIM PAM.
  • Configuring and Operating PAM: Technical configuration of PAM, organizational components of a PAM project, and implementation of PAM in MIM.

What will I learn? At the end of the course, you will:

  • Understand the threats and consequences of identity theft, and how and why implementing PAM in MIM increases security.
  • Be able to design a PAM project.
  • Know how to implement and operate the PAM components of a MIM PAM environment.

Prepare! Be sure to read our PAM white paper and listen to this recording of our PAM webinar.


Privileged Access Management (PAM) addresses a problem which has often been neglected, that is, the detailed management of administrative, or privileged, permissions. In other words, PAM can keep safe those who have the keys to your kingdom.

IT security breaches are all too common, as are attacks using stolen credentials of those with privileged permissions. Stolen admin accounts enable attackers to extract and damage data, delete or modify logs, and create new backdoor accounts to prevent their detection from the attacked system.

Privileged Access Management (PAM) is a powerful security feature in Microsoft Identity Manager (MIM) which can limit the exposure of administrative credentials to attackers, and help prevent their theft and misuse.A PAM implementation of MIM is quite different from a standard MIM implementation. It’s far from straightforward, and a poorly designed and implemented PAM process will not significantly or meaningfully improve overall system security.

Module 1: Introduction to Privileged Access Management

In this module, the threat of identity theft and possible counter measures are discussed. We clearly define the term Privileged Access and identify the vulnerabilities in Windows that proper management can mitigate. This includes the problems associated with granting some identities permanent privileges when a “Just In Time” privilege escalation approach will provide higher levels of security. We discuss how attackers can compromise the Windows Credential Cache in non-secured environments.

Module 2: MIM PAM Components

In this module the user experience and underlying technology in MIM PAM is introduced and examined. We look at each of the components in a properly managed PAM infrastructure; first from the view of a privileged user discussing how working in a PAM environment will change their working practices, then as the implementer identifying which vulnerabilities should be in-scope during the early stages of a PAM project and which might be added soon after.

Module 3: Configuring and Operating PAM

In this module, technical configuration of PAM, and important operational tasks are examined. We discover how to configure and operate PAM in an on-premises environment. We identify the issues in a hybrid on-premises/on-cloud environment and show how to manage similar security measures that are included in PAM by using the Privileged Identity Management (PIM) functionality of Azure AD.

The course was detailed and the instructor was good.

Sohail P, Enterprise Support Engineer, UK
Attended PAM course in the classroom, 2018

With a significant PAM project coming up it was critical that I skilled up in this space and OCG has provided me with all the knowledge I need to manage that and also some great ideas for how I might tailor PAM for my particular environment.

Gavin A, IAM Service Owner, UK
Attended PAM in person in the classroom, 2017

Paul (the tutor) was very knowledgeable and spoke in an engaging way throughout the course. It was a lot of information to convey and he presented it at a good pace. The remote training environment worked well.

Nancy S, Washington, USA
Attended PAM live class in real time over the internet, 2017

Read more reviews