Only two connections are allowed to a Windows server from CA PAM
search cancel

Only two connections are allowed to a Windows server from CA PAM


Article ID: 225297


Updated On:


CA Privileged Access Manager (PAM)


A remote RDP server has been properly configured with Terminal Server licenses to allow multiple connections to it. This has been verified by connecting to it from outside CA PAM and also by verifying the Terminal Server Licensing configuration.

However only two simultaneous connections are allowed from CA PAM. If a third one is initiated, a message pops up indicating to select a user to disconnect so as to be able to sign in.


CA PAM multiple versions


If Terminal Services Licensing is correctly configured, a likely cause for this behaviour is that the RDP device has been configured in CA PAM with the Console checkbox enabled in the Access Method configuration for the device

Checking this box in is equivalent to trying to initiate an RDP connection to the remote server using the /console or /admin switch. Under these circumstances, the administrative ports will be used, allowing only for two admin connections, even if the Licensing applications are working correctly.


Unless there is a business reason for it, the "console" checkbox can be left unchecked, which will allow multiple connections to target Windows servers.