ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Device is not removed from a device group in CA PAM


Article ID: 196023


Updated On:


CA Privileged Access Manager (PAM)


There is a device group configured with several devices. Upon deleting one of the devices from the group and saving the group, the device appears again in the group.


One of the ways in which a device group may be caused is by choosing tags: that is, the device group will build its contents based not on individual assignment of devices but rather in the tags assigned to those devices matching the group tag (e.g. a device with a tag "testdevice" will always be added to a device group whose tag is equally "testdevice")

Since this is a dynamic assignment, it doesn't matter if the device is removed from the list of devices in the group: it will be added back automatically because it still shares the same tag as the device group tag.


Component : PRIVILEGED ACCESS MANAGEMENT, all supported versions


Remove the tag from the device group (and that will automatically remove all devices sharing that tag) or change the tag for the device you want to remove to make sure it does not match any tag defined for the device group you want to remove it from.