How can I add Credential Manager roles to a PAM user?

book

Article ID: 104955

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)

Issue/Introduction

The Access Manager PAM Component and the Credential Manager PAM component deal with the roles in a different manner.
This can create some confusion  the moment the different roles have to be assigned to the users.
The present document should help in the following scenario:
 
  • I have added Access Manager roles to a particular PAM user, in this example 'Auditor'.

 

 

  • But I do not see how to add the Credential Manager roles.
  • When I click on the 'Credential Manager Groups' tab, the pane seems to be grayed out and a message stating "You must add a role that has access to select Credential Management Groups" is shown.

 



How can I add Credential Manager roles to a PAM user?

Environment

Any hardware or software appliance running any version of PAM.

Resolution

  • In order to add Credential Manager roles to a user you should create a "Credential Manager User Group" first and add the role to it by clicking on the magnifying glass by the Role entry field. In this example 'ViewReports' has been selected.





  • Then in the 'Users' tab add the user we previously mentioned by clicking on the '+' button:


 

 

  • And selecting it from the user list and clicking 'OK'




 

  • After that, if the user Test opens the PAM Client, it can access the 'Auditor' Access Manager role:




 



  • And the 'ViewReports' Credential Manager role:



 

Attachments

1558699924616000104955_sktwi1f5rjvs16jxg.jpeg get_app
1558699922696000104955_sktwi1f5rjvs16jxf.jpeg get_app
1558699920928000104955_sktwi1f5rjvs16jxe.jpeg get_app
1558699919166000104955_sktwi1f5rjvs16jxd.jpeg get_app
1558699917509000104955_sktwi1f5rjvs16jxc.jpeg get_app
1558699915559000104955_sktwi1f5rjvs16jxb.jpeg get_app
1558699913595000104955_sktwi1f5rjvs16jxa.jpeg get_app