A Windows server has been provisioned for access with Computer Access Licenses (CAL) so that several simultaneous connections are possible

The license server is working fine and there are multiple connections possible to the RDP server when operating outside PAM

However, when access is attempted from PAM only two simultaneous sessions are available. This may happen with the usual applet access, RDP defined as a service, or both

CA PAM all versions

Windows servers all versions

This is due to the definition of the RDP access or service in PAM

Windows will allow as many connections as available from the License server for as long as they are regular sessions

If the sessions are established as Administrative sessions, then only two simultaneous sessions of this type are available

This is controlled by the "Console" checkbox when defining the access for a given server in PAM. 

If a RDP windows connection service is defined, if the /admin switch is specified, this will have the same effect as defining the console checkbox in the RDP access in PAM

Please make sure that the /admin switch is removed from the RDP service definition if accessing PAM via an RDP service, and also that the console checkbox is unchecked if accessing PAM by using the CA PAM applet