Here is an example TechIDManager deployment for an MSP’s client that has one Entra ID tenant.
You want to have unique domain accounts for each tech to access Azure and all the computers and resources attached to that; Azure AD, 0365, Entra ID, etc…
You deploy a PAM agent to the Azure AD tenant as a function, and use the Entra ID accounts to access all the computers and resources. We use a function for the very specific reason that we don’t keep access into your (or your client) Azure tenants. This is only one of many layers of security that we have built into TechIDManager.
The total agent counts deployed in this example are:
1 PAM agent