PAM - Users cannot access the devices - The logon attempt failed


Article ID: 197009


Updated On:


CA Privileged Access Manager (PAM)


One or several user are not able to access the devices they should have access to.
The following error messages are displayed:

The logon attempt failed.
The credentials that were used to connect to server did not work.

as shown in the following image.

These users are not able to view their password either, in case the automated login was disabled.


Product: Layer 7 Privileged Access Manager
Version: 3.x


Running the following steps solved the problem, allowing the affected user to access the devices via RDP or SSH:

  1. Open the PAM client with the 'super' account and go to 'Credentials / Manage Credential Groups / Credential Groups'.
  2. Open the group 'Standard Users' and select the 'Users' tab. Use the search option to see if the user is in it.
  3. If it is not there, go to the 'Users / Manage Users' and open the affected user record page. In the 'Roles' tab see if it belongs to any of these roles: 'Global Administrator', 'Operational Administrator', or 'Password Manager'.
  4. If it does not, grant it the 'Password Manager' role, assign it to the 'Base Users' credential manager group and save the user.
  5. If the save succeeds, go back to the user and delete the 'Password Manager' role. Save the user and see if they are now a member of the 'Standard Users' Credential Manager group.
  6. Let the user try to log in again and access the device.