Trying to to open an RDP or SSH session from PAM's Access page does not open the session to the target.
Enabling the Java Console and try to open an RDP or SSH session from PAM UI in a Web-browser, the Java Console shows the following error:
liveconnect: The html source is on the ESL or covered by a DRS run rule, however the jar's Caller-Allowable-Codebase attribute exists and does not include this source
This happens when the Applets (Config->Security->Sign XSuite Applets) were signed specifying a wrong value for Xsuite Domain.
Go to Config->Security->Sign XSuite Applets.
Edit the Xsuite Domain with the PAM node IP or hostname of the local PAM instance. (Do not use the Virtual Cluster name)
Click on Sign Applets with Certificate.
This may take few minutes to refresh. Don't close the windows nor refresh manually the page.