For compound accounts, the Compound Servers tab has two columns - "Target Server" and "Verified". What does the "Verified" column indicate? 

Compound servers are defined in a separate database table that links to the target accounts table. This table includes a flag for the Verified state. When the flag is "1", the UI will show a green checkmark for this server in the Verified column of the Compound Server tab. When it is "0", the column entry will be blank.

The flag reflects the last time the compound server object was updated while the compound account was verified, or the password was updated successfully. If a verification of the compound account is performed and the anchor account (account on the target server for which the compound account is defined) verifies, but the password fails to verify on one or more of the compound servers, then the compound server objects for these servers go to Unverified and the Verified column of the compound servers where the verification failed goes to blank. You have to close the account and edit it again to have PAM read the updated values from the database. If the verification fails on the anchor account itself, PAM will fail the verification right away and not proceed to verifying the account on the compound servers. But when it proceeds, it will go through the full list of compound servers, irrespective of individual results for each server.

Note that the flags will NOT be updated, if a password update attempt fails on any compound server. In that case PAM does not persist any changes because of the update failure. Only a subsequent account password verification will update the Verified values for the compound servers, and then only if the verification of the anchor account is successful, see above.