While creating a new target account following error is returned and unable to create target account.
PAM-CM-3432: Cannot connect to a domain controller on the specified domain
'User1' account to be created as Target Account.
Existing 'pamadmin' target account to be used for updating above account password.
Release : 3.x
Component : PRIVILEGED ACCESS MANAGEMENT
When creating a new target account and assigning another account to update password, you need to ensure the following.
account password is correct
account is not deactivated in AD
account is verified (please double confirm and see if verification is successful)
account has "Account can change own password" set
You cannot configure multiple level of chain to update account password.
User1 ⇐ pamadmin ⇐ breakglass ⇐ administrator
You can only configure 1 level.
User1 (Use the following account to change password) ⇐ pamadmin (Account can change own password)
And if the associated account for password update does not have the password valid password set then creation of the new target account will fail.