The logon attempt failed. PAM-SRM-0013: An error occurred while post-processing of session recording

book

Article ID: 197873

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

We have recently upgraded PAM to 3.3.2.99 and we get the following error very frequently.
We checked the password is 'ok' and there was no old session.
RDP connection from outside of CA PAM works with the same password.

 
Error Message: Alert - The logon attempt failed. The credentials that were used to connect to server did not work.

PAM-SRM-0013: An error occurred while post-processing of session recording: NLA login was canceled or invalid credentials were entered. Deleting the file: <hostname>-0000065351-1591505213441_RDP

Cause

The above error is caused since the logon to the first RDP session is in progress and a second RDP session to yet another Windows Server is initiated.

Environment

Release: 3.3.x, 3.4.x

Component: PRIVILEGED ACCESS MANAGEMENT

Resolution

Product Engineering does not consider this as a product defect. The only resolution is to establish one RDP session, wait for the login to be completed, and only thereafter a new RDP session to any other Windows host is to be initiated. This problem happens only when the RDP sessions are performed for hosts that are on different pages in the Access Tab.

Additional Information

Steps to replicate this problem: (Assumption there are 100's of Windows hosts configured for automatic login using CA PAM)

1. Initiate an RDP session to a Windows host that is listed on page 1 in the Access Tab.
2. Before the login process completes, go the second page under the Access Tab.
2.1 Either go to a different page or filter the Windows hostname present on the first page itself and perform RDP.
3. Initiate an RDP session to yet another Windows host from the second page, the error message is encountered.

Attachments