Describe the issue
The validationset for parameter MemberType does not include Role. This is used by Privilege Cloud ISP as you cannot manage groups directly in ISP web interface.
Can't use value Group instead of role if the role hasn't been added to a safe already. It does not appear under Get-PASGroup.
Once it has been added to a safe once the backend syncs the role to a vault group with the same name and then value Group can be used. Until then Role is required.
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots & Console Output
If applicable, add screenshots and/or console output to help explain your problem.
Add-PASSafeMember -SafeName $safename -MemberName $rolename -memberType 'Role' -SearchIn Vault @permissions
Add-PASSafeMember: Cannot validate argument on parameter 'memberType'. The argument "Role" does not belong to the set "User,Group" specified by the ValidateSet attribute. Supply an argument that is in the set and then try the command again.
Your Environment
Include relevant details about your environment
pspete
commented
1 year ago
Describe the issue The validationset for parameter MemberType does not include Role. This is used by Privilege Cloud ISP as you cannot manage groups directly in ISP web interface.
https://docs.cyberark.com/PrivCloud-SS/Latest/en/Content/WebServices/Add%20Safe%20Member.htm
Can't use value Group instead of role if the role hasn't been added to a safe already. It does not appear under Get-PASGroup.
Once it has been added to a safe once the backend syncs the role to a vault group with the same name and then value Group can be used. Until then Role is required.
Expected behavior A clear and concise description of what you expected to happen.
Screenshots & Console Output If applicable, add screenshots and/or console output to help explain your problem.
Your Environment Include relevant details about your environment