Session recording mountpoint giving error "Temporary session recording mount point connectivity error."

book

Article ID: 224117

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

All the users are not able to connect to SSH targets through the PAM Applet even though PuTTY along with other TCP/UDP services and other RDP access works properly.

 

The error display  will refer to temporary session recording mount point connectivity error even though the session recording mount points are available and session recording is working for all other access methods. The description of the error may be displayed differently depending how the Configuration>Session recording> Access Policy  is defined “ Security Safe / Operationally Safe “

 

The problem may affect only the primary site or one specific secondary site node but once encountered on that node it will be consistent.

Cause

The AUTO-INCREMENT field in the gk_connection table grew over a value of 1,000,000,000 which was is simply too large when read for the Mindterm Applet when recording was enabled. 

Environment

Release : 3.4.x

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

This value will need to be reset with assistance from Broadcom Support to allow connections to be used again. This will require a webex for remote ssh access at a time when all endusers can be disconnected from the affected site.

This will be resolved in Symantec PAM 3.4.6 and should not affect PAM 4.x.