Unable to create PAM Account in IAM
search cancel

Unable to create PAM Account in IAM

book

Article ID: 235420

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Manager

Issue/Introduction

Is it possible to create PAM Target accounts of a user via CA IAM (Identity Manager)?

Environment

Release : 14.x

Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)

Cause

Working as designed.

Resolution

A PAM target account is the account that is actually on the device, in PAM device=endpoint.
Pam cannot create target accounts, it can only make logic maps to Target accounts, hence why there is no create API

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-0-1/add-target-accounts-and-aliases.html

IM can assign and revoke PAM Target accounts but it cannot create them.

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-management-and-governance-connectors/1-0/connectors/ca-connectors/ca-privileged-access-manager.html

Powered by Wolken Software