PAM Global Configuration Settings

Part of configuring the PAM module is configuring global settings for the module. Global settings include things like how PAM containers can be modified within IdentityIQ, and which business process to use for provisioning PAM identities

To configure PAM's global settings, click the gear icon > Global Settings > IdentityIQ Configuration and select the Privileged Account Management tab.

Define the following:

Enable adding and removing identities in PAM containers

Allow PAM users to manually add or remove identities on the container details page.

Enable adding and removing privileged items in PAM containers

Allow PAM users to manually add or remove privileged items on the container details page.

Enable owners to modify PAM containers

Allow owners of PAM containers to change or edit their containers.

Enable the creation of PAM containers

Allow PAM users to manually add PAM containers on the Privileged Account Management page.

The maximum number of selectable users in Privileged Account Management

The maximum number of identities you can take action on at one time in the PAM module.

The workflow used to provision identities

The workflow, or business process, that defines the provisioning process for the PAM Module. Business processes are defined and maintained on the Business Process Editor page. See Business Processes for more information .

A rule to filter privileged items that can be added to containers

You can use a rule to add business logic to limit which privileged items can be added to PAM containers. Rules must be of rule type PrivilegedItemSelector to be included in the dropdown list. You can also click the [...] icon to open the rule editor to create or edit a rule.