PAM User Group is created and PAM Local Users are assigned but they do not appear in that Group.
In the following screenshot there are 2 users.
pamuser1 = PAM Local User
[email protected] = LDAP User
PAM Local Group is created, "PAMLocalGroup"
In this PAMLocalGroup, the 2 sample users are selected and added.
But once you close this and check the "PAMLocalGroup" again, it only shows LDAP user ([email protected]) and PAM Local User (pamuser1) is missing.
This is a defect which is found on PAM 3.2.5 and PAM 3.2.6 (as of Dec 2019).
However, it is a cosmetic defect so if you create a Policy with this User Group, the policy will correctly apply.
Users who belong to this group will have the target devices appear correctly at their Access page.
Release : 3.2.5, 3.2.6
Component : PRIVILEGED ACCESS MANAGEMENT
This behavior is introduced on PAM 3.2.5 (not present in PAM 3.2.3 and 3.2.4)
Upgrade to PAM 3.3.0 (or higher) does not demonstrate this behavior.