Symantec Privileged Access Management

When a user is access RDP via CAPAM Tool from a workstation, he is getting below error message, but the credentials are verified in CAPAM and 100% correct credentials. This issue is for only two-three users, others are able to access the RDP to same server with same Target account from different workstations. This error is not permanent to the same user, it is vice versa

It is Windows Domain server and target account is Active directory account.

Can anyhelp me on this issue? How to resolve this issue?

Hello--

We are on 3.3.3.01, and yes - we are fighting that problem as well.

What is your password view policy for these accounts?
. 
We are currently only doing account Check out/in as its the only thing that does not break PAM access :-(

My theory is RDP sessions are not logging off, the session windows are just killed (user just clicks the X in the top right). This happens either by mistake, or the windows session locks, and the only thing the user can do is kill it.

It would be beneficial for someone who has session control working (ie automatically logs into Windows with vaulted credentials) with AD accounts to bring some thoughts into the conversation.

One observation: this problem appears happens less on a domain with one or two domain controllers. A domain with 5 Domain Controllers appears choke with locked accounts consistently.


Original Message:
Sent: 07-24-2020 12:19 AM
From: venkataramana potnuru
Subject: Alert when access RDP to a server as ""The logon attempt failed. The credentials that were used to connect to server did not work"

Hi All,

We have faced with this multiple times, but we are unable to found the resolution

When a user is access RDP via CAPAM Tool from a workstation, he is getting below error message, but the credentials are verified in CAPAM and 100% correct credentials. This issue is for only two-three users, others are able to access the RDP to same server with same Target account from different workstations. This error is not permanent to the same user, it is vice versa

It is Windows Domain server and target account is Active directory account.

Can anyhelp me on this issue? How to resolve this issue?

I just checked 5 servers - all had a pam user process in "disconnected" state

You might have a GPO policy that unlocks the account after 15 minutes which makes these hard to catch.

For the suspect accounts - I'll clicking the "verify account" every 2 minutes - usually after 5 minutes it will show an error.
Original Message:
Sent: 07-30-2020 07:23 PM
From: Chris Scott
Subject: Alert when access RDP to a server as ""The logon attempt failed. The credentials that were used to connect to server did not work"

Hello--

We are on 3.3.3.01, and yes - we are fighting that problem as well.

What is your password view policy for these accounts?
.
We are currently only doing account Check out/in as its the only thing that does not break PAM access :-(

My theory is RDP sessions are not logging off, the session windows are just killed (user just clicks the X in the top right). This happens either by mistake, or the windows session locks, and the only thing the user can do is kill it.

It would be beneficial for someone who has session control working (ie automatically logs into Windows with vaulted credentials) with AD accounts to bring some thoughts into the conversation.

One observation: this problem appears happens less on a domain with one or two domain controllers. A domain with 5 Domain Controllers appears choke with locked accounts consistently.


Original Message:
Sent: 07-24-2020 12:19 AM
From: venkataramana potnuru
Subject: Alert when access RDP to a server as ""The logon attempt failed. The credentials that were used to connect to server did not work"

Hi All,

We have faced with this multiple times, but we are unable to found the resolution

When a user is access RDP via CAPAM Tool from a workstation, he is getting below error message, but the credentials are verified in CAPAM and 100% correct credentials. This issue is for only two-three users, others are able to access the RDP to same server with same Target account from different workstations. This error is not permanent to the same user, it is vice versa

It is Windows Domain server and target account is Active directory account.

Can anyhelp me on this issue? How to resolve this issue?

I ran into a similar issue in a client's production site.

What worked for me was changing the domain name format in the application -> Active Directory - Domain Name field: 

I changed it from the domain's FQDN to the domain's NetBiosName and for whatever reason it started working after that.

oddly enough, however, i must say in all honesty that, in an attempt to reproduce the original error, i set the field back to domain fqdn... but i can't seem to repro the error now.




------------------------------
Services Architect
HCL Technologies Ltd
------------------------------

Original Message:
Sent: 07-24-2020 12:19 AM
From: venkataramana potnuru
Subject: Alert when access RDP to a server as ""The logon attempt failed. The credentials that were used to connect to server did not work"

Hi All,

We have faced with this multiple times, but we are unable to found the resolution

When a user is access RDP via CAPAM Tool from a workstation, he is getting below error message, but the credentials are verified in CAPAM and 100% correct credentials. This issue is for only two-three users, others are able to access the RDP to same server with same Target account from different workstations. This error is not permanent to the same user, it is vice versa

It is Windows Domain server and target account is Active directory account.

Can anyhelp me on this issue? How to resolve this issue?