Unable to use PAM accounts as a credential for regular entries when datasource is hub business
Unable to use PAM accounts as a credential for regular entries when datasource is hub business
Hello,
When using hub with PAM entitlement, a dedicated vault is required for storing the managed credentials, which cannot contain regular connection type entries.
When creating a connection entry in a regular vault, there is no option to set the credential to 'privilege account' like would be done with DVLS. Instead I assume the expected approach is to choose 'Linked (external vault)', then choose the dedicated PAM vault and subsequently a specific credential entry.
However, when using RDM 2025.3.20 there are no credentials populated in the dropdown after choosing the linked external vault which contains the PAM entries. Also, if it is left as the default of 'prompt on connection', upon launching the connection there are no PAM entries displayed for the user to choose. I tried attempting to do the same thing with Hub web ui but the PAM vault does not show up in the list of linked external vaults.
How does one utilize a PAM entry as the credential for a regular connection entry with Hub?
Not really sure if this a PAM, Hub or RDM issue/limitation?
Please let me know if you would like any additional info.
Thanks
Joe
All Comments (2)
Hi Joe,
What entry type are you trying to link the PAM account to? I can confirm that the "Privileged account" option is available at least on the RDP entry type and a few others with a Hub Business and RDM.
This is a PAM issue so this is the proper forum, thank you.
Best regards,
Luc Fauvel
Hi Luc,
Restarting RDM seems to have resolved the issue. Prior to that, the Privileged account option wasn't showing even though I had refreshed the data source and switched back and forth between different hubs.
Thanks for looking into it.
Joe