CAPAM is connected in AD, all users are being registered to CAPAM by Security Groups added to their account after groups were imported from AD.
Some of the Admin Accounts whose membership has already been removed are still retained in the CAPAM.
Release : 1.0
Component : PRIVILEGED ACCESS MANAGER CREDENTIAL MANAGENENT
The Admin Accounts are part of Breakglass Approvers.
In the Session Logs we have "PAM-CMN-1583: 0 users deleted, 1 users not deleted for lack of privilege, 0 users not found, 0 LDAP users not deleted, 0 login contact users not deleted, 0 unknown user delete errors",0, --,,0"
The admin accounts are part of Breakglass Approvers, removing these accounts from the list of Breakglass Approvers helps in the deletion of these accounts from CA PAM.