Basic permission required to see the Dashboard in PAM
search cancel

Basic permission required to see the Dashboard in PAM

book

Article ID: 205222

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Due to security concerns it is necessary to know the minimal privileges a certain user must have in order to access the Dashboard GUI. The goal is to prevent having to give excessive rights to users in order for them to be able to view the status of the appliances

Environment

CA PAM all versions up to 3.4.2,  and 4.1 

Resolution

The Dashboard is only visible to users having the Operational Administrator role or Global Administrator role. In terms of operation, Operational Administrator has a lesser set of privileges. All other roles will not be able to see the Dashboard tab in the product GUI. To be able to see the credential management functionality the user will also have to belong to a Credential Management group having at least the ReadOnly role.

The user needs also to be a member of the 'System admin Group' in 'Credential Manager Groups'

Additional Information

Removed Internal IP from screenshot