PAM : "Can't decide access type" error when trying to access target device
search cancel

PAM : "Can't decide access type" error when trying to access target device


Article ID: 145471


Updated On:


CA Privileged Access Manager (PAM)


When trying to open an session to a device from PAM, it does not work with the following error : "Can't decide access type."


Product: Privileged Access Manager
Version: 3.3.0, 3.4.x or later


Corruption in PAM database.
One customer reported the issue after PAM version upgrade.
Other customer reported the issue after PAM's hardware ID change (If Mac address is changed, PAM's hardware ID is also changed.)


Database repair patch available for 3.3.0 and 3.3.1

PAM 3.3.0 --> hotfix
PAM 3.3.1 --> hotfix

Note. The patch will just repair PAM database corruption.

You can find the mentioned fixes in CA Privileged Access Manager Solutions & Patches

Review also the patches documentation at:

For 3.3.2 and later, please refer to another article 189378 to repair database corruption.


- Secondary node in the Primary Cluster was giving the error message "Can't decide access type" 
- Turned OFF the cluster making sure that users are able to login to the primary node of the cluster.
- We took the DB back and configuration backup of the the second node in the cluster, this was a precautionary step.
- The Database was reset, making sure that the devices, users, target users, and policies are all cleared from the secondary node
- Added the secondary node back into the cluster
- Once the cluster was reconfigured, the problem of "Can't decide access type" stopped
- We did connect to some of the Linux devices and the autologin was also successful.


Additional Information

Unfortunately, the issue (corruption) might happen in another day.
If it happens, please repair database again.