HI there,
Could somebody please shed some light on how this "List Other Accounts" privilege works in Credential Manager ?
On the documentation page, this privilege is not mentioned.
Add or Modify Credential Manager RolesBased on my testing, it seems to me that the user will need this privilege if the user is going to use the CLI command addTargetAccount to add an account on CA PAM and the new account is going to use another account (already exists on PAM and referenced through the account ID number) to synchronize password with the endpoint.
Also, my testing shows that as long as the use has this privilege, the user can search all existing target accounts for the purpose of using them as the "other account" when creating new Target Accounts. The normal Target Group mechanism does not apply to this privilege, i.e. the user will be able to search for the Target Account even if the user does not have a Target Group that gives the user access to the account.
Is my understanding correct ?
Regards,
Jiangping Li