Symantec Privileged Access Management

  • Private Community
 View Only

 Regarding errors that occur when modifying a user

Jump to  Best Answer
MARUBUN SUPPORT's profile image
MARUBUN SUPPORT posted Jul 30, 2024 12:23 AM
Hi Team,
[Product]
PAM 4.1.3
 
[Question]
We received the following request from a customer.
 
When changing an Auditor/Password Manager user from inactive to active in the "Users" -> "Management" tab, the error PAM-CMN-5517 occurred and the user could not be changed.
 
Please tell me the cause of this error and how to resolve and deal with it.
 
Regarding this, the PAM manual states that PAM-CMN-5517 has been fixed in Resolved Issues in 4.1.5.
 
> PAM-CMN-5517 error appears when trying to modify a user.
 
Do you know any details about this fix?
Thanks,
Ralf Prigl's profile image
Broadcom Employee Ralf Prigl posted Jul 31, 2024 11:45 AM  Best Answer

Hello, This problem occurred due to a missed side effect from the following fix listed under Resolved Issues in 4.1.3:

33305029 DE553877 When a user inherits a CM group and is an approver for a PVP, modifying the user displays error PAM-CMN-0155.

It should affect users that have a CM group membership assigned that is not assigned on the user group level. The solution is to upgrade to 4.1.5+. As a workaround, the following procedure should allow you to update the user:

1- Create a local group with the same roles and CM groups that the user currently has.
2- Add the user to the user group.
3- Update the user to make the desired changes.
4- Go back to the user group and remove the user.
5- Delete the temporary user group.