Symantec Privileged Access Management

Expand all | Collapse all

Delegate access to update password for specifics target accounts

Jump to Best Answer
  • 1.  Delegate access to update password for specifics target accounts

    Posted 03-07-2020 02:56 PM
    Hi Community, is there a way to delegate access to a standard user update password only for few very specifics Target Account in PAM?

    ------------------------------
    Security Analyst
    DXC Technology
    ------------------------------


  • 2.  RE: Delegate access to update password for specifics target accounts

    Posted 03-10-2020 10:17 AM
    Hello Higor, You do this by configuring Credential Manager (CM) target groups, CM roles and CM user groups associated with those roles and target groups, and then assign the CM user group to your user. This will limit access to target servers in the target group configured for the CM user group


  • 3.  RE: Delegate access to update password for specifics target accounts

    Posted 04-07-2020 02:54 PM
    Thanks Ralf, but for any reason I cannot delegate ROLE Password Management and the CM to my LDAP group, only for the user. Does it make sense?

    ------------------------------
    Security Analyst
    DXC Technology
    ------------------------------



  • 4.  RE: Delegate access to update password for specifics target accounts
    Best Answer

    Posted 04-07-2020 05:53 PM
    Yes, see the following tip on documentation page https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3-2/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-users/configure-user-groups.html:

    To assign the roles of Global Administrator, Operational Administrator, or Password Manager, apply these roles to the individual user record for each user in the group.


  • 5.  RE: Delegate access to update password for specifics target accounts

    Posted 04-07-2020 06:39 PM

    Thanks a lot Ralf.

     

    Higor Louback

    Identity & Access Security Analyst

    WW MSS Security Analyst

     

    CyberArk Privileged Access Security - CyberArk Certified Trustee

    Microsoft Security Fundamentals

    Certified Integrator in Secure Cloud Services (CI-SCS)

    ISO/IEC 27002

    ITIL V3

    IBM CSA

    MCSA 2003 + Security

     

    higor.louback@dxc.com

     

    Brazil

     

     

    04PAM20IEF_expert_PAM_imp04PAM20IPF_pro_PAM_imp