Step 2 Configuring the CORP domain
Set up the CORP forest
If you are just starting off with PAM, and want to set up a test environment, the script also allows configuration of a CORP Domain. If you already have a CORP domain, continue at the section Configure the CORP forest below.
After unzipping the compressed file to the $env:SYSTEMDRIVE\PAM folder, edit the PAMDeploymentConfig.xml adding the details of the CORP forest. Update the DNSName, NetbiosName, DC name, Database/Log Path, and sysvol folder Path. The functional level should be at least Windows Server 2012 R2.
- Log in to the CORP domain DC as Administrator
- Run PowerShell as Administrator
- cd $env:SYSTEMDRIVE\PAM
- import-module .\PAMDeployment.ps1
- select menu option 10 (CORP forest setup)
The domain controller will reboot automatically upon completion.
Configure the CORP forest
Once the SIDs.txt is copied to the CORPDC not required for PRIVOnly deployments
- Login to CORPDC as Administrator
- Run PowerShell as Administrator
- cd $env:SYSTEMDRIVE\PAM
- .\PAMDeployment.ps1
- select Menu Option 2 (CORP Forest Configuration)