Standard Users are not listed in the Recipient list for Scheduled
search cancel

Standard Users are not listed in the Recipient list for Scheduled


Article ID: 133365


Updated On:


CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM) CA Privileged Access Manager - Server Control (PAMSC)


On PAM 2.8.x, "Standard Users" were visible in the "Available Recipients" list for the "Credential - Reports - Scheduled Jobs".

So the Administrator can select any users and they would receive the report.

After upgrading to PAM 3.x, only the admin users are visible in the list.


Release : 3.x.x



The behavior in the PAM 2.8.x was not  according to the design.

In the above PAM 2.8.x Documentation, it is mentioned:


Schedule Reports Credential Manager allows you to schedule jobs that run the selected report and emails the output to the selected recipients.

Recipients can be selected from all Credential Manager users with a valid email address.


So, since the beginning(based on PAM 2.8.x) the users who can be listed as the "mail recipient" are those who are "Credential Manager"

This Credential Manager privilege is tied to the role of users.

If you navigate to "Users - Manage Roles" and view "Standard User" role, they only have 2 permissions.

"Access All"

"Manage All"

These 2 permissions are for accessing and managing device they are associated in the policy.

If you take a look at the "Password Manager" or "Global Administrator" or "Operational Administrator", they have "Manage Credential" privilege.

So by right only those users with "Manage Credential" privilege should be listed as the report recipient.

What this suggest is the behavior you have been seeing in the PAM 2.8.x was not according to the design.

You can find the same content is maintained in the PAM 3.2.x as above.


If you want specific users to be listed in the report recipient list, you will need to provide them the privileged first. 

For example, you can do the following. 

1. goto "Users - Manage Users" and select the desired user. 

2. Assign "Password Manager" role to the user 

3. At "Credential Manager" tab, add "Base Users" group. 

4. Click "OK" to save. 

Then go to the Scheduled report and see if the user is listed there.