The Access Manager PAM Component and the Credential Manager PAM component deal with the roles in a different manner. This can create some confusion the moment the different roles have to be assigned to the users. The present document should help in the following scenario:
I have added Access Manager roles to a particular PAM user, in this example 'Auditor'.
But I do not see how to add the Credential Manager roles.
When I click on the 'Credential Manager Groups' tab, the pane seems to be grayed out and a message stating "You must add a role that has access to select Credential Management Groups" is shown.
How can I add Credential Manager roles to a PAM user?
Environment
Any hardware or software appliance running any version of PAM.
Resolution
In order to add Credential Manager roles to a user you should create a "Credential Manager User Group" first and add the role to it by clicking on the magnifying glass by the Role entry field. In this example 'ViewReports' has been selected.
Then in the 'Users' tab add the user we previously mentioned by clicking on the '+' button:
And selecting it from the user list and clicking 'OK'
After that, if the user Test opens the PAM Client, it can access the 'Auditor' Access Manager role: