lithnet / access-manager

Access Manager provides web-based access to local admin (LAPS) passwords, BitLocker recovery keys, and just-in-time administrative access to Windows computers in a modern, secure, and user-friendly way.

[HELP] Are there any known issues with enabling Privileged Access Management Optional Feature? #213

Closed c3rberus closed 12 months ago

c3rberus commented 12 months ago

Are there any known issues with enabling Privileged Access Management Optional Feature?

AMS has two modes: using PAM if running AD 2016+, or the built-in scheduler, with the former being documented as a superior option.

My concern is that the Privileged Access Management optional feature cannot be disabled once it is enabled. This feature does not get the same coverage on the internet as the other optional feature (Recycle Bin Optional Feature), where it's very well documented, used and blogged on.

Hoping you are able to shed some details. Based on your experience and your existing client base, have you run into any issues or gotchas with enabling this in an enterprise environment? My concern is that this is a one-way street: you enable it and there is no going back if something breaks.

ryannewington commented 12 months ago

Hi @c3rberus

There are no known issues with any AD I've known about having turned this on. I know that it's used by some very large organizations around the world.

It adds the ability for a linked value in the directory to have a TTL, but applications need to know how to query this information; it doesn't come if you aren't specifically looking for it.

Obviously I can't speak for every environment and possible configuration in the world, but from personal experience, I think it's a fairly safe thing to turn on.
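The behaviour described in the reply above can be checked read-only with the ActiveDirectory PowerShell module. This is an added example, not part of the thread or of Access Manager's code; the group name `JIT-Server-Admins` is a hypothetical placeholder.

```powershell
# Added example; requires the ActiveDirectory module (RSAT) and read access to AD.
# It only reads directory state and does not enable the feature.
Import-Module ActiveDirectory

# Hypothetical group name for illustration; substitute a group used for JIT access.
$GroupName = 'JIT-Server-Admins'

$feature = Get-ADOptionalFeature -Identity 'Privileged Access Management Feature'
$forest  = Get-ADForest

# Summarise the current state before deciding whether to enable anything.
[pscustomobject]@{
    ForestMode         = $forest.ForestMode
    RequiredForestMode = $feature.RequiredForestMode
    Enabled            = [bool]($feature.EnabledScopes.Count -gt 0)
    IsDisableable      = $feature.IsDisableable   # whether AD allows turning it off again
}

if ($feature.EnabledScopes.Count -eq 0) {
    Write-Warning 'PAM optional feature is not enabled; no membership can carry a TTL.'
    return
}

# A plain member query returns bare DNs. The TTL is only returned when the
# caller explicitly asks for it with -ShowMemberTimeToLive.
$group = Get-ADGroup -Identity $GroupName -Properties member -ShowMemberTimeToLive

foreach ($value in $group.member) {
    if ($value -match '^<TTL=(\d+)>,(.+)$') {
        # Time-bound link: value is prefixed with the remaining lifetime in seconds.
        [pscustomobject]@{
            Member    = $Matches[2]
            Temporary = $true
            ExpiresAt = (Get-Date).AddSeconds([int]$Matches[1])
        }
    } else {
        # Ordinary permanent membership.
        [pscustomobject]@{ Member = $value; Temporary = $false; ExpiresAt = $null }
    }
}
```

Running the same `Get-ADGroup` call without `-ShowMemberTimeToLive` returns the members as ordinary DNs, which is why tools that are unaware of the feature continue to see normal group membership.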

c3rberus commented 12 months ago

Thanks for the insight, that helps.