We have a CyberArk setup with AD-managed groups to control access to Safes.
Currently, we’re evaluating the most efficient way to automate AD group creation and Safe provisioning. Does the SailPoint PAM module help achieve this functionality? Specifically, does it provide an out-of-the-box (OOTB) interface to support Safe creation, and what design approach can be followed to associate AD groups with Safes.
Hi,
PAM module supports Safe creation. But its functionality is limited for all the use case. Creation of safe is possible, adding/removing users to safe is possible, but modifying user’s permission inside a safe might not be possible, request to be a part of the group is also possible.
Refer to the document for SailPoint PAM module:
https://documentation.sailpoint.com/identityiq/help/pam/pam.html
https://documentation.sailpoint.com/identityiq/help/pam/pampage.html
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.