From Devolutions Server v.2024.3 on, PAM vault management settings practically mirror those of regular Vault management, with a few notable exceptions:
Default permission sets are different (see image below).
The My account settings and Security settings sections are not available in PAM vault management.
In Default permissions, the More tab is replaced by a PAM tab, which lists PAM–only settings and options (see table below).
Note that PAM permission sets are not applicable to non–PAM vaults, and vice-versa.
Permissions can also be set for individual PAM folders by heading to Properties – Security – Permissions.
| Reset password | Allow every user (or specific ones if Custom is chosen) to reset PAM entries' passwords in accordance with their Password template mode. |
| Approve checkout request | Allow every user (or specific ones if Custom is chosen) to approve demands for checkout on PAM entries. |
| Force checkin | Allow every user (or specific ones if Custom is chosen) to force other users to checkin PAM entries. |
| Checkout | Allow every user (or specific ones if Custom is chosen) to checkout PAM entries. |
| Read logs | Allow every user (or specific ones if Custom is chosen) to read PAM entries' logs. |
Here is a table summarizing each default permission set in PAM vault management:
Give us Feedback