In PAM, a number of target accounts are configured with a password view policy that has both dual authorization and check-in/check-out. The end users that have access to these accounts are running into an issue where they are requesting accounts that have already been checked out. Is there a way to determine that an account was checked out prior to requesting it?
Privileged Access Manager, all versions
This feature is available for auto-login. When multiple accounts are configured in an access policy, the list of configured credentials includes information on whether or not the account is checked out, see the screenshot below.
The same functionality is not available for direct password view. In that case, the Select icon under the Target Applications column has a drop-down list of target account names that are configured in the policy rather than the pop-up window that auto-login uses.