
Building a PIM Solution for OnPrem Active Directory

13. April 2026

Azure Privileged Identity Management (PIM) is powerful – but only for cloud identities. A customer asked us: can we have the same for our OnPrem Active Directory? The answer: yes, if you build it yourself.

The Challenge

Privileged accounts in OnPrem AD were permanently active. No time limit, no justification required, no automatic revocation. A classic security risk – especially for admin accounts.

The Solution

We developed a PIM-like solution for OnPrem AD using the au2mator Self-Service Portal and System Center Orchestrator (SCO). Employees can request privileged roles via the portal for a maximum of 12 hours – with mandatory justification. SCO automatically grants the role and revokes it after the time expires. All requests are logged.
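The request, grant and timed-revocation flow described above, as an added PowerShell example; it is not the au2mator/SCO runbooks from the project. It assumes the ActiveDirectory module, and the function names, file paths, user and group are hypothetical.

```powershell
# Added illustration, not the au2mator/SCO runbooks described in the post.
# Assumes the ActiveDirectory module; file paths and function names are hypothetical.
$StateFile = Join-Path $env:TEMP 'pim-open-grants.jsonl'   # open grants awaiting revocation
$AuditFile = Join-Path $env:TEMP 'pim-audit.jsonl'         # append-only request log

function Write-Audit($Kind, $Grant) {
    [ordered]@{ TimeUtc = [datetime]::UtcNow.ToString('o'); Event = $Kind; Grant = $Grant } |
        ConvertTo-Json -Compress -Depth 3 | Add-Content -Path $AuditFile
}

function Grant-TemporaryRole {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$User,
        [Parameter(Mandatory)][string]$Group,
        [Parameter(Mandatory)][ValidateRange(1, 12)][int]$Hours,   # 12-hour cap from the post
        [Parameter(Mandatory)][string]$Justification
    )
    if ([string]::IsNullOrWhiteSpace($Justification)) { throw 'A justification is required.' }
    $grant = [ordered]@{
        User = $User; Group = $Group; Justification = $Justification.Trim()
        ExpiresEpoch = [DateTimeOffset]::UtcNow.AddHours($Hours).ToUnixTimeSeconds()
    }
    if ($PSCmdlet.ShouldProcess($Group, "Add $User for $Hours h")) {
        # Record before granting: a crash after the add must not leave an untracked grant.
        $grant | ConvertTo-Json -Compress | Add-Content -Path $StateFile
        Add-ADGroupMember -Identity $Group -Members $User -ErrorAction Stop
        Write-Audit 'granted' $grant
    }
}

function Revoke-ExpiredRole {
    [CmdletBinding(SupportsShouldProcess)]
    param([long]$NowEpoch = [DateTimeOffset]::UtcNow.ToUnixTimeSeconds())
    if (-not (Test-Path $StateFile)) { return }
    $keep = foreach ($g in Get-Content $StateFile | ForEach-Object { $_ | ConvertFrom-Json }) {
        if ($g.ExpiresEpoch -gt $NowEpoch) { $g; continue }        # still within its window
        if (-not $PSCmdlet.ShouldProcess($g.Group, "Remove $($g.User)")) { $g; continue }
        try {
            Remove-ADGroupMember -Identity $g.Group -Members $g.User -Confirm:$false -ErrorAction Stop
            Write-Audit 'revoked' $g
        } catch { Write-Audit 'revoke-failed' $g; $g }             # retry on the next sweep
    }
    [IO.File]::WriteAllLines($StateFile, [string[]]@($keep | ForEach-Object { $_ | ConvertTo-Json -Compress }))
}

# Dry run with constructed values; -WhatIf means no AD cmdlet is invoked.
Grant-TemporaryRole -User 'jdoe' -Group 'Server-Admins' -Hours 4 -Justification 'Patch window' -WhatIf
Revoke-ExpiredRole -WhatIf
```

Run `Revoke-ExpiredRole` on a short schedule under a dedicated service account; a failed removal stays in the state file and is logged as `revoke-failed`, so it is retried and visible in the audit trail.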

The Result

Privileged rights are only temporarily active. Full audit trail. The security level in OnPrem AD was significantly raised.
