Which IIQ version are you inquiring about?
Version 8.3
Share all details related to your problem, including any error messages you may have received.
can we add an external AD group to the safe permission to grant access to the safe using PAM connector. ?
Also can we add an external AD user to the safe permission. ? i tried adding the searchIn attribute to my object request to add the user/group but its not helping. am I missing something. see my plan below…
<ProvisioningPlan nativeIdentity=“CN=CA_PCloud_Admins,OU=Groups,OU=CyberArk,DC=abc,DC=com” targetIntegration=“CyberArk-TargetCollector”>
<ObjectRequest application=“CyberArk Privilege Cloud” nativeIdentity=“CN=CA_PCloud_Admins,OU=Groups,OU=CyberArk,DC=abc,DC=com” op=“Modify” type=“Container”>
<Attributes>
<Map>
<entry key=“memberType” value=“Group”/>
<entry key=“searchIn” value=“abc.com”/>
</Map>
</Attributes>
<PermissionRequest op=“Add” rights=“useAccounts, retrieveAccounts, listAccounts, updateAccountProperties, initiateCPMAccountManagementOperations, specifyNextAccountContent, unlockAccounts, manageSafe, manageSafeMembers, backupSafe, viewAuditLog, viewSafeMembers, accessWithoutConfirmation, createFolders, deleteFolders, moveAccountsAndFolders, requestsAuthorizationLevel1” target=“PPA-Test11A” targetCollector=“CyberArk-TargetCollector”>
<Attributes>
<Map>
<entry key=“assignment” value=“true”/>
</Map>
</Attributes>
</PermissionRequest>
</ObjectRequest>
</ProvisioningPlan>