Hi Prince, You will need to create a custom role and custom CM user group, both under menu item Credentials > Manage Credential Groups. E.g. if you create a role with all privileges, except the "View Account Password" privilege, members of the CM user group with this role assigned will be able to do everything, except for viewing a password. See documentation page
Add or Modify Credential Manager Roles - CA Privileged Access Manager - 3.3 - CA Technologies Documentation for information on available privileges.
Original Message:
Sent: 05-24-2019 08:03 AM
From: Prince .
Subject: Restrict PAM Admin from Accessing/Viewing Target Account Password
Hi All,
How can I prevent the PAM Administrator (User who will handle the operations/Support of CA PAM) to access any target account or view password of it?