After installing v4.4.1642, unable to elevate to PAM Roles
After installing v4.4.1642, we were unable to elevate. Running Get-PAMUsers returned a not authorized error. Steps that were taken to resolve the issue:
On the Sync server, modify the object deletion rule as below – this is done on the Person metaverse object
- Delete the connector space of the CTRL MA
- Ran Full Import on the CTRL MA; this step triggers the metaverse deletion rule and then the FIM MA deprovisioning rule. Note: No sync profile was needed here. This action deletes all the users in the metaverse.
- Ran Export on FIM MA, deleting all the users in FIM Service, except for the Built-In Synchronization service and dte.* accounts
- Reverted the change done in step 1
- Ran Full Import Full Sync on CTRL MA
- Ran Export on FIM MA
- Ran Full Import Full Sync on FIM MA
- Ran Export on FIM MA
- Ran PowerShell script to set each user's ResourceSID in the CtrlPortal
- Removed and re-added Users into PAM Roles in the portal.
- Corrected DNS entry for ctrlpamportal (one address was correct and one was wrong)
- In IIS removed host header for the MIM Privileged Access Management API (was ctrlportal.dte.ic.gov)
- Add ctrlpamportal as the host header for MIM Access Management Portal
- Change MIM Access Management Portal App Pool to PamRestApiAppPool
- Did iisreset