How can I add Credential Manager roles to a PAM user?
Article ID: 104955
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager (PAM)
Issue/Introduction
The Access Manager PAM Component and the Credential Manager PAM component deal with the roles in a different manner.
This can create some confusion the moment the different roles have to be assigned to the users.
The present document should help in the following scenario:
This can create some confusion the moment the different roles have to be assigned to the users.
The present document should help in the following scenario:
- I have added Access Manager roles to a particular PAM user, in this example 'Auditor'.
- But I do not see how to add the Credential Manager roles.
- When I click on the 'Credential Manager Groups' tab, the pane seems to be grayed out and a message stating "You must add a role that has access to select Credential Management Groups" is shown.
How can I add Credential Manager roles to a PAM user?
Environment
Any hardware or software appliance running any version of PAM.
Resolution
- In order to add Credential Manager roles to a user you should create a "Credential Manager User Group" first and add the role to it by clicking on the magnifying glass by the Role entry field. In this example 'ViewReports' has been selected.
- Then in the 'Users' tab add the user we previously mentioned by clicking on the '+' button:
And selecting it from the user list and clicking 'OK'
- After that, if the user Test opens the PAM Client, it can access the 'Auditor' Access Manager role:
- And the 'ViewReports' Credential Manager role:
Feedback
Yes
No
Powered by
