search cancel

Session recording mountpoint giving error "Temporary session recording mount point connectivity error."

book

Article ID: 224117

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

All the users are not able to connect to SSH targets through the PAM Applet even though PuTTY along with other TCP/UDP services and other RDP access works properly.

 

The error display  will refer to temporary session recording mount point connectivity error even though the session recording mount points are available and session recording is working for all other access methods. The description of the error may be displayed differently depending how the Configuration>Session recording> Access Policy  is defined “ Security Safe / Operationally Safe “

 

The problem may affect only the primary site or one specific secondary site node but once encountered on that node it will be consistent.

Cause

The AUTO-INCREMENT field in the uag.gkconnection table had grown to a 10-digit value of 1,000,000,000+, which caused a problem with the Mindterm Applet when recording was enabled. 

Environment

Release : 3.4.0-3.4.5

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

For affected releases, this value will need to be reset with assistance from Broadcom Support to allow connections to be used again. This will require a webex for remote ssh access at a time when all end users can be disconnected from the affected site.

This problem is resolved in Symantec PAM 3.4.6 and does not affect PAM 4.x. The EOS date of affected releases was May 11, 2022, and therefore the problem no longer should be observed in currently supported releases. If you have such a problem with 3.4.6+, it would have to have a different root cause. In that case please open a case with PAM Support for detailed investigation.