search cancel

PAM Local Group does not show PAM Local User members

book

Article ID: 141099

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

PAM User Group is created and PAM Local Users are assigned but they do not appear in that Group.

 

In the following screenshot there are 2 users.

pamuser1 = PAM Local User

[email protected] = LDAP User

 

PAM Local Group is created, "PAMLocalGroup"

 

In this PAMLocalGroup, the 2 sample users are selected and added.

 

But once you close this and check the "PAMLocalGroup" again, it only shows LDAP user ([email protected]) and PAM Local User (pamuser1) is missing.

 

Cause

This is a defect which is found on PAM 3.2.5 and PAM 3.2.6 (as of Dec 2019).

However, it is a cosmetic defect so if you create a Policy with this User Group, the policy will correctly apply.

Users who belong to this group will have the target devices appear correctly at their Access page.

Environment

Release : 3.2.5, 3.2.6

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

This behavior is introduced on PAM 3.2.5 (not present in PAM 3.2.3 and 3.2.4)

Upgrade to PAM 3.3.0 (or higher) does not demonstrate this behavior.

 

Attachments

Powered by Wolken Software