How to Determine When Users Were Created in PAM
search cancel

How to Determine When Users Were Created in PAM

book

Article ID: 371426

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

For auditing purposes, it is required to list when every user was created in PAM. This information is not listed in the UI, is there a way to see when users were created?

Environment

Privileged Access Manager, all versions

Resolution

Use the searchUser CLI command to list all users stored in the PAM database, an example of the command and output for one user is below.

# capam_command capam=PAMHOSTNAME adminUserID=super cmdName=searchUser
Enter password: #####

<CommandResult>
	<cr.itemNumber>0</cr.itemNumber>
	<cr.statusCode>400</cr.statusCode>
	<cr.statusDescription>Success.</cr.statusDescription>
	<cr.result>
		<User>
			<userID>super</userID>
			<userGroupIDs>#####</userGroupIDs>
			<authenticationType>#####</authenticationType>
			<gkUserId>#####</gkUserId>
			<firstName>First</firstName>
			<lastName>Last</lastName>
			<email>[email protected]</email>
			<serverKeyId>#####</serverKeyId>
			<lastLogin/>
			<viewType>admin</viewType>
			<failedLoginAttempts>0</failedLoginAttempts>
			<ldapDN/>
			<password/>
			<status>ACTIVE</status>
			<createTime>1574712529000</createTime>
			<createDate>Mon Nov 25 20:08:49 UTC 2019</createDate>
			<updateDate>Fri Feb 23 16:52:06 UTC 2024</updateDate>
			<extensionType/>
			<createUser>admin</createUser>
			<updateTime>1708707126000</updateTime>
			<updateUser>super</updateUser>
			<hash></hash>#####</hash>
			<Attribute.pageSettings.dashboard>#####</Attribute.pageSettings.dashboard>
			<Attribute.pageSettings.commonPageSettings>#####</Attribute.pageSettings.commonPageSettings>
			<ID>#####</ID>
		</User>
	</cr.result>
</CommandResult>

Additional Information

For instructions on configuring the Remote CLI, refer to the Install and Set Up the Remote CLI and Java API PAM documentation section.