PAM 4.0 Default Accounts

book

Article ID: 225126

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

I was wondering if there is "official" description with regards to the default accounts that show up once we stand up PAM.  I recognize what some of these accounts are, but I was wondering if there was something that was more "official" with regards to the functions of these accounts.

Environment

Release : 4.0

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

I have Identified the 7 accounts:
Here is information on the NIMADMIN accounts (there are 2):

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-0/integrating/integrate-with-your-service-desk-solution/ca-nim-um-and-sm-integrations.html

Here is information for the ActiveMQ user:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-0/pam-server-control/Configure-PAM-SC-to-protect-your-endpoints/configuring-auto-login-for-a-server-control-device/activemq-password.htm

Here is information for the MCApiKey user:
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-0/administrating/management-console/integrate-with-the-management-console.html

Used for management console access

 

This user LDAPApiUser, is used for LDAP group imports

 

These users DSApiUser, DSOutboundAPIUser

are used by the PAMSC distributed server:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager-server-control/14-1/implementing/install-a-distribution-server.html