Team, Can you please help with any command line that can be used to

1) List all the empty devices i.e the devices which does not have Access or Password Management or A2A enabled 

2) delete empty devices from PAM

Thank You.

Release : 4.0

Component : PRIVILEGED ACCESS MANAGEMENT

There is no automated what to do this but it can be managed through the API 

There are a couple ways to accomplish this

1. Use Device Export from GUI and sort the devices based on the "f" value for these fields Type Access | Type Password  | Type A2A

once you have the list of devices you could manually delete them from the GUI if the number is not too large ( say 500 or more because less than that would be quicker to cleanup manually)

2. Use the  API tools to automate the collection of device IDs with their feild values and from there you automate the delete the devices where all 3 values = f

Request URL

https://10.33.60.105/api.php/v1/devices.json?sortBy=%2BdeviceName&limit=10&searchRelationship=AND&fields=deviceId%2CtypeAccess%2CtypePassword%2CtypeA2A

Response Body

{  "totalRows": "10",  "devices": [    {      "deviceId": "21001",      "typeAccess": "f",      "typePassword": "t",      "typeA2A": "f"    },    {      "deviceId": "18001",      "typeAccess": "t",      "typePassword": "t",      "typeA2A": "f"    },

Curl

curl -X DELETE --header 'Accept: application/json' 'https://10.33.60.105/api.php/v1/devices.json/1000000'

Request URL

https://10.33.60.105/api.php/v1/devices.json/1000000

Response Body

{  "error": {    "code": 400,    "message": "Bad Request: PAM-CMN-0324: Device  not found."  }}