A PAM device administrator has rights to create, update and delete devices that are members of the device group the administrator is assigned to. The admin created a device successfully and then deleted it. The PAM UI reported that the device was deleted, and it disappeared from view for this admin.
But an attempt to create the same device again fails with an error, such as:
PAM-CMN-0333: Device or device group name <device name> already exists. Names must be unique.
or
PAM-CMN-0335: Device *** not added
A global administrator then looks for the device, finds it and deletes it. Afterwards the device can be added again by the device administrator.
The device was created with a tag that was also used by another device group, one to which this device administrator did NOT have access. When the device admin "deleted" the device, it was only removed from the group that this admin had rights to manage. PAM could not remove it from the other group, because the admin did not have delete privilege for devices in that group. This admin is not supposed to be aware of other groups, so PAM shows a success message for the delete operation even though the device has not been removed from PAM.
PAM is working as designed. To make sure that limited device or user group manager roles behave as expected, use unique tags and descriptors for groups that are meant to be managed by independent group administrators, so that no device falls into more than one such group.
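The sequence above, as an added illustration that is not code from PAM or from this article: a small model of tag-based group membership in which a scoped admin's delete only removes the device from the groups that admin manages, followed by an audit that lists tags shared between groups (the overlap the resolution says to avoid). The group names, tags, device name and the simplified scoping rules are assumptions, not PAM's internal logic.

```python
from dataclasses import dataclass, field


@dataclass
class Pam:
    # group name -> tags that place a device in that group (assumed model)
    group_tags: dict[str, set[str]]
    members: dict[str, set[str]] = field(default_factory=dict)  # group -> device names
    devices: dict[str, set[str]] = field(default_factory=dict)  # device -> tags

    def create(self, name: str, tags: set[str]) -> str:
        if name in self.devices:
            return f"PAM-CMN-0333: Device or device group name {name} already exists."
        self.devices[name] = set(tags)
        for g, gtags in self.group_tags.items():
            if tags & gtags:
                self.members.setdefault(g, set()).add(name)
        return "created"

    def delete_as(self, admin_groups: set[str], name: str) -> str:
        if name not in self.devices:
            return "not found"
        # A scoped admin can only remove the device from groups they manage.
        for g in admin_groups:
            self.members.get(g, set()).discard(name)
        # The device record goes away only once no group still holds it.
        if not any(name in m for m in self.members.values()):
            del self.devices[name]
        return "deleted"  # reported as success even if another group still holds it


def shared_tags(group_tags: dict[str, set[str]]) -> dict[str, set[str]]:
    """Audit helper: tags used by more than one group, i.e. the overlap to remove."""
    owners: dict[str, set[str]] = {}
    for g, tags in group_tags.items():
        for t in tags:
            owners.setdefault(t, set()).add(g)
    return {t: gs for t, gs in owners.items() if len(gs) > 1}


def scenario() -> list[str]:
    """Replays the article's sequence with constructed group and device names."""
    pam = Pam({"WebAdmins": {"web"}, "DMZ": {"web", "dmz"}})  # "web" is shared
    log = [pam.create("web01", {"web"})]                      # created
    log.append(pam.delete_as({"WebAdmins"}, "web01"))         # "deleted", DMZ still holds it
    log.append(pam.create("web01", {"web"}))                  # PAM-CMN-0333 ...
    log.append(pam.delete_as({"WebAdmins", "DMZ"}, "web01"))  # global admin sees both groups
    log.append(pam.create("web01", {"web"}))                  # created
    return log
```

Running `shared_tags` over the real group definitions before delegating a group to a scoped administrator is the check that catches this configuration ahead of time.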