PAM custom administrators are not able to import LDAP users or devices.
While trying the following error is shown: 9013 = Unauthorized attempt to retrieve the configuration for LDAP domains.
This started to occur since CA PAM release 2.8.2.
where two new privileges were introduced: userGroupAdd and userGroupDevice.
Ensure that these two privileges are added to the custom Role the administrator belongs to.
Go to Users>>Manage Roles.
Ensure that the role has been extended by the following privileges:
userGroupAdd: to import Users
userGroupDevice: to import Devices
Please see: https://docops.ca.com/ca-privileged-access-manager/2-8-3/EN/release-information/resolved-issues-in-2-8-2
referring Defect: DE199607
Was this information helpful?