PAM Local Group does not show PAM Local User members

book

Article ID: 141099

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

PAM User Group is created and PAM Local Users are assigned but they do not appear in that Group.

 

In the following screenshot there are 2 users.

pamuser1 = PAM Local User

[email protected] = LDAP User

 

PAM Local Group is created, "PAMLocalGroup"

 

In this PAMLocalGroup, the 2 sample users are selected and added.

 

But once you close this and check the "PAMLocalGroup" again, it only shows LDAP user ([email protected]) and PAM Local User (pamuser1) is missing.

 

Cause

This is a defect which is found on PAM 3.2.5 and PAM 3.2.6 (as of Dec 2019).

However, it is a cosmetic defect so if you create a Policy with this User Group, the policy will correctly apply.

Users who belong to this group will have the target devices appear correctly at their Access page.

Environment

Release : 3.2.5, 3.2.6

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

This behavior is introduced on PAM 3.2.5 (not present in PAM 3.2.3 and 3.2.4)

Upgrade to PAM 3.3.0 (or higher) does not demonstrate this behavior.

 

Attachments