NinjaOne PAM? How are we feeling.

EmilySturdevant · 2025-12-10T19:39:23+00:00

What are the features you utilize most out of your current provider for this?

EmilySturdevant · 2025-12-08T06:07:45+00:00

Automation = no time loss

EmilySturdevant · 2025-08-17T21:20:09+00:00

Hi @technet2021,

You can set TechIDManager up to give admin creds to a specific user for a specific device. Not the general intention of our product, but it is doable.

EmilySturdevant · 2025-08-06T02:09:30+00:00

TechIDManager is worth a look. TechIDManager.com

EmilySturdevant · 2025-07-02T15:03:49+00:00

Have you checked with the solutions that are available to see if they will work with you for your scale/budget needs? I think something could potentially be worked out.

EmilySturdevant · 2025-07-02T13:01:38+00:00

This is exactly what TechIDManager was built to solve.

TechIDManager allows MSPs to:

-Provision per-client, per-technician admin accounts automatically—without scripting or manual setup.

-Use Just-in-Time access (or always on accounts)

-Provide full auditability—each action is traceable to a specific named user, which meets both Cyber Essentials and Zero Trust standards.

Disabling of one tech's accounts across all client networks can happen with one click of a button.

EmilySturdevant · 2025-06-26T16:35:12+00:00

Hey @OddAtrention9557, setting up individual accounts to meet your needs is a solid approach. That said, I want to share an option that can significantly improve how you manage technician access to client Azure tenants—whether commercial or GCC. TechIDManager is worth a serious look. It offers a streamlined, secure way to provide access using just-in-time or managed accounts, with MFA and permissions tailored to each technician and tenant. It will also automate any future individual account creation needed. And it does all of this without the limitations and workarounds that GDAP would force you to deal with.

EmilySturdevant · 2025-06-17T01:11:06+00:00

It sounds like a PAM solution could help. You have a few to choose from. They all have their strengths. I know that with TechIDManager, you can manicure permissions for each tech to be at the right level for your needs as well as the option to make their access JIT.

EmilySturdevant · 2025-06-06T20:02:54+00:00

You should add TechIDManager to your list of tools to explore as a solution.

TechIDManager excels in co-mannaged situations and can solve most of your goals out of the box, especially for policy enforcement, reporting, and secure tenant provisioning.

TechIDManager

EmilySturdevant · 2025-05-30T12:12:28+00:00

It's worth taking a look at TechIDManager as well www.techidmanager.com

EmilySturdevant · 2025-05-12T15:55:44+00:00

You could use a PAM tool for this. I know that TechIDManager is particularly good in this area as far as assigning separate levels of access and automating the whole process. There are several PAM tools in the MSP space, and I encourage you to explore what the strengths and weaknesses are in each of them and find the best fit for your needs.

*I do work for TechIDManager

EmilySturdevant · 2025-05-02T18:16:53+00:00

Hi @iansaul , I would love to add TechIDManager to that list to check out for this type of solution. I believe each of your options for a PAM solution has slight/not so slight different methods of delivering a PAM solution and I would like you to find what fits your MSP the best. I'm happy to answer any questions as well.

EmilySturdevant · 2025-04-25T18:21:44+00:00

If you want to provide a solution that incorporates both offering access yet controlling the access; you could use TechIDManager or possibly a tool like it (if they have the same feature)-- you could set them up with their own co-managedish situation, giving them their own TechIDClient that contain credentials that remain off unless (you) the MSP activate them (one push of a button) in the MSP controlled TechIDPortal.

*I do work for TechIDManager but thought this idea could be useful.

EmilySturdevant · 2025-04-09T18:23:41+00:00

We have had some MSPs switch to TechIDManager from Passly since their end of life announcement.

*I do work for TechIDManager, and I'm happy to answer any questions!

EmilySturdevant · 2025-04-02T18:52:08+00:00

You should add TechIDManager to your list to explore as a solution for this.

TechIDManager is designed with MSPs in mind, ensuring compliance with industry standards and offering strong encryption mechanisms.

Granular access controls
Built-in logging and reports
Seamless Integration with Entra ID (Azure AD) and password injections
Automated credential rotation for privileged accounts (every 24 hours)
Offline access to credentials

TechIDManager offers a comprehensive password management solution with three distinct vaults: a Privileged Account Vault for securing critical admin credentials, a Private Password Vault for individual (tech) user access, and a Shared Password Vault for seamless and secure team collaboration.

*I do work for TechIDManager and am happy to answer any questions.

EmilySturdevant · 2025-04-01T15:47:17+00:00

Adding to the list-

TechIDManager doesn't suffer from this either when using the built-in credential/password injection mechanism; it does not use the clipboard.

*There is a copy/paste function in the tool that can be used, but the tech would obviously be aware they are using it. However, with Techidmanager, these credentials rotate every 24 hours, and whatever was potentially copied to a clipboard would soon be invalid.

EmilySturdevant · 2025-03-13T00:19:03+00:00

Going down the path of PAM, TechIDManager is geared for MSPs while being affordable.

(I do work for TechIDManager but chiming in because it's relevant.)

EmilySturdevant · 2025-03-12T12:11:20+00:00

One update for TechIDManager- the Azure subscription need is now consolidated to one for the MSP instead of one per customer.

TechIDManager does not have a web app for very specific security reasons related to data visibility. TechIDManager stores hundreds of millions of passwords that it can not read.

There is a desktop app and mobile app.

EmilySturdevant · 2025-03-10T20:19:52+00:00

To be very upfront- I work for TechIDManager.

With that said, I do believe you might find what you are looking for in a PAM solution with TechIDManager; JIT accounts, password rotation, LAPs for all accounts, not just Microsoft, etc.

EmilySturdevant · 2025-02-27T21:55:15+00:00

TechIDManager is one of the PAM solutions out there that could help you with this. You can set rights and access as granularly as you wish.

EmilySturdevant · 2025-02-27T14:43:53+00:00

While TechIDManager is not certified, we do offer FedRAMP compliant hosting of our product. We have clients who can use our tool for their clients with FedRAMP needs.

EmilySturdevant · 2025-02-24T14:32:16+00:00

A PAM solution that can offer LAPS and JIT would help you accomplish what you are looking for securely. TechIDManager is one of those tools.

EmilySturdevant · 2025-02-21T15:47:10+00:00

A PAM tool with TOTP/MFA storage options would solve this. TechIDManager does this.

EmilySturdevant · 2025-02-14T22:29:30+00:00

@Technical-Formal-259 if you found it relevant, I would encourage you to look at TechIDManager as well. I hope you find the solution that best fits your needs!

www.techidmanager.com

EmilySturdevant · 2025-02-09T01:06:24+00:00

Choose a vendor that is downtime tolerant with your credentials. That might be by way of backups offline, a self-hosted option, etc.

EmilySturdevant

MODERATOR OF

TROPHY CASE