Environment
Privileged Account Manager 3.2
Situation
REST API calls to secondary manager aren't replicating to primary
For example, creating a key or vault in the enterprise credential vault against a primary manager will replicate to secondary, but creating against secondary does not replicate to primary.
Resolution
Workaround:
API requests to create & modify should be made against the primary manager. Querying of objects can be made to either primary or secondary, but changes should be made to the respective primary manager, which are then replicated to secondary.
This has been reported to engineering so that the API can respond appropriately when made to a secondary manager by either forwarding the request to primary or rejecting.
Cause
This is in accordance with the design of primary managers replicating to secondary managers and not the other way around. However, the API should respond appropriately and either forward the request onto the primary manager or reject the request.