Unable to re-add user
search cancel

Unable to re-add user


Article ID: 203904


Updated On:


CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager - Server Control (PAMSC)


Issue is that on approving a CAC/PIV user fails PAM error like such: 

   Error: PAM-UI-2411: Error approving CAC User. Duplicate Password Authority username.  User not added. Please contact your system administrator.

While the Tomcat logs show the following footprint

    Nov 18, 2020 16:57:12 PM com.cloakware.cspm.server.dao.impl.AnsiSQLUserGroupDAO insertMember

    SEVERE: AnsiSQLUserGroupDAO.insertMembers adminAccountID=xxxxxxxxxxxxxxx@yyy is already a member of UserGroup ID=nnnn



Privileged Access Manager, all versions


The root cause is that an existing entry for the user still exits in a PAM internal  DB table. Possibly the previous approval failed due to another specific reason and that left the an orphaned DB entry for the adminAccountID (adminAccountID was essentially not marked deleted as required).




Please file a support case requesting help to correct a possible orphaned entry in a PAM internal DB table related to the adminAccountID.