Login failed: unknown reason error when older database version is restored into PAM 3.4.x or PAM 4.0

book

Article ID: 220980

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

After restoring PAM database no users can login. The following "Login failed: unknown reason" error dialog is shown when trying to login as 'super' user.

Logging in using Browser shows an empty blank page is shown.

Cause

Older database version has been mistakenly restored into PAM 3.4.x (or PAM 4.0) which causes missing columns in PAM MySQL tables. E.g. Database backup version 3.3.x is restored into PAM 3.4.x or PAM 4.0, or database backup version 3.4.x is restored into PAM 4.0.

Environment

Release : 3.4.3, 3.4.4, 4.0

Component : Privileged Access Manager

Resolution

Restore available latest good VM snapshot that is taken before the last database restore.

If there is no available good VM snapshot backup, but there is latest good database backup file which the version matches current PAM version, please raise a Technical Support call ticket. SSH Debug patch should be applied and Remote Debugging Service turned on via config legacy page and Technical Support can SSH into the PAM node and restore the correct database backup file manually.

Additional Information

As of now, we are working to prevent this kind of old database restoration execution in the later release.

Attachments