After upgrading PAM, RDP Transparent Login (TL) sessions to a jump server are not launched properly. When trying to do so, message PAM-TLGN-0054 Transparent Login Agent Launch failed: application list is empty. Errors: 4 Please contact your administrator is obtained and transparent login is not performed
It has been determined that disabling the TL cache under Settings --> General Settings in PAM helps work around the problem, but that causes the TL applications to work much slower
CA Privileged Access Manager, all versions starting 3.3.X
The cache for TL is kept in folder C:\ProgramData\Xceedium in the jump server. Beware this is a hidden folder and the corresponding option will have to be checked in the View Menu of the File Explorer in order for it to be visible.
If there is any problem with accessing this folder (for instance some file creation or replacement error) so that it is not properly updated when the new TL version kicks in with the correct TL Agent files to cache, or if the version therein is too old to communicate with the new version of TL in PAM and it can't be updated, that will cause the agent not to be able to retrieve the list of applications configured for TL from PAM and this will result in this error
There may be many things preventing the cache folder from being properly updated, like for instance Antivirus check, or insufficient permissions. Assuming it is none of this, one possible solution is to completely delete or rename the Xceedium folder under C:\ProgramData and recreate it empty, then access again the jump server attempting TL as required.
If this works, we should be able to see that C:\ProgramData\Xceedium has again been populated with the TL Agent files and related contents and we should probably observe as well that the sizes are different from the previously existing ones (the ones in C:\ProgramData\Xceedium before we renamed or deleted the folder).