A2A Scripts disappeared for some A2A devices and will not be visible when added again
search cancel

A2A Scripts disappeared for some A2A devices and will not be visible when added again

book

Article ID: 216979

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Three servers form an A2A request group, created in 2019 (probably on 3.2.4), which is used sporadically.  Today is likely the first time they have been used for A2A requests since the upgrade to 3.4.2.

A2A scripts have disappeared from all but one.  If we copy these scripts for the other servers, the save succeeds, but the new script only appears in the script list for less than a second.  

Device type A2A had been unchecked at some point, but checking it (and A2A-Active) does not change the behavior of the A2A Scripts screen.

With these scripts not recognized, the A2A mapping for the request group does not honor requests from the other servers.

Environment

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

Cause

Database table entries for the affected devices were missing a link to the corresponding request server (A2A client) entry.

Resolution

PAM Support resolved the problem with a manual SQL query. Support was not able to reproduce the problem and root cause is not clear. Because of this we cannot say for sure that the problem is resolved in the latest PAM releases. If you observe such a problem, please open a case with PAM Support.