Next, head to Administration – System Permissions – Modules.
Configure the accesses to the PAM system for the users/admins and manage privileged accounts rights on who can edit the privileged entries. Then, click Save. PAM Access configuration
Add a provider
Back to the PAM section in Administration - Privileged Access - Provider, add a provider of any of the available types: Domain User (AD), Local User (SSH), SQL User, Windows users or Azure AD User, MySQL user, Cisco User or Oracle User. PAM ProvidersPAM Providers
When adding the provider, make sure you keep the Add Team Folder and Add Scan Configuration options checked.
PAM Provider Configuration
For more information, please consult Providers.
Add a scan configuration
Confirm that it is the good provider, domain and domain container (where the accounts are located).
Make sure the Start Scan on Save checkbox is selected.
In the PAM Vaults section of Administration - Privileged Accounts, you need to create at least one PAM Vault to contain the accounts. You can customize that particular folder's security options if you do not want to give them the defaults you set during the initial configuration. You can also customize the approvers on the folder directly which will give you a list of the administrators. PAM Vaults
Import accounts from a scan
In the Scan Configuration section, click the result of your initial search.
View Scan Results
Select all the accounts you want to import, and on the top right, click the Import Selected Accounts button. Import Selected Entries
You can put them in the Vault of your choice. You can also choose whether to reset password on import or on check-in (recommended). That way, the password is safe the moment the user checks it back in. Import Users
Once imported, you can click into the v ault and manually check the Synchronization Status in the top right of the screen. You will know the accounts are well synchronized when the credentials does not have an Out of sync red warning next to them. PAM Account Sync Check
You are now ready to use the privileged access management portion of Devolutions Server.