Can someone please let us know how can we assign a credential manager group to a LDAP group in CA PAM. I want a group of users in LDAP can get credential manager access directly by assigning a membership. But in PAM GUI, I don't see any option to add credential manager groups for LDAP groups. It is there not individual user not for group. Help please ?
This is a known limitation in the product.
It is only possible to assign individual users to Credential Manager Groups - assigning User Groups is not possible.
I suggest to raise an Idea in this forum as per attached procedure notifying Product Management of your request.
Thank you Andreas, this limitations should be mentioned in Product documentations.
Hi Bipin, this is documented, see e.g. the following note on page https://docops.ca.com/ca-privileged-access-manager/3-1-1/EN/implementing/provision-your-server/provisioning-users/configure-user-groups:
"To assign the roles of Global Administrator, Operational Administrator, or Password Manager, apply these roles to the individual user record for each user in the group.”