Unable to log in with Direct RDP Session

I created a new PAM server to mirror a test PAM server and created a rule to audit user logins via RDP (Direct RDP Session). However, authentication always fails. I've looked at the settings in both the old and new server and they all match so I'm stumped as to what the problem is.

The rule in question:


The "Data Center" group mirrors what is on the old PAM Server, as does the Windows wcc credential. unifid.log from the new PAM server shows:
Wed May 30 12:22:13 2018, 78, 1433954048, 2908, Info, cmdctrl request denied for '<rdpDirect> WCC\C00000039@v3tsw00422' from C00000039@v3tsw00422

while unifid.log from the old PAM server shows:
Wed May 30 12:18:44 2018, 886, 1262679808, 13775, Info, cmdctrl request accepted for '<rdpDirect> WCC\C00000039@v3tsw00421' from C00000039@v3tsw00421 as wcc\SubmitUser@v3tsw00421


Anyone have any ideas? Both the old and new wcc domain have the SubmitUser credential.
  • achinayoung,

    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.

    These forums are peer-to-peer, best effort, volunteer run and that if your issue
    is urgent or not getting a response, you might try one of the following options:

    - Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
    all the other self support options and support programs available.
    - Open a service request: https://www.microfocus.com/support
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://forums.microfocus.com)
    - You might consider hiring a local partner to assist you.
    https://www.partnernetprogram.com/partnerfinder/find.html

    Be sure to read the forum FAQ about what to expect in the way of responses:
    http://forums.microfocus.com/faq.php

    Sometimes this automatic posting will alert someone that can respond.

    If this is a reply to a duplicate posting or otherwise posted in error, please
    ignore and accept our apologies and rest assured we will issue a stern reprimand
    to our posting bot.

    Good luck!

    Your Micro Focus Forums Team
    http://forums.microfocus.com


  • achinayoung_waubonsee;2481781 wrote:
    I created a new PAM server to mirror a test PAM server and created a rule to audit user logins via RDP (Direct RDP Session). However, authentication always fails. I've looked at the settings in both the old and new server and they all match so I'm stumped as to what the problem is.

    The rule in question:


    This was solved with help from NetIQ by leaving Account Domain and Credentials blank and Run User as "Submit User" and Run Host as "Submit Host". This is on a 3.2.0.4 system. I did not have to do this on 3.2.0.3. Maybe 3.2.0.4 introduced a bug.