SPS Error when launching RDP Sessions

Hi,

We are on an OnPrem environment at version 7.5.0.

when using PAM (both SPP and SPS) it happens that sometimes (not always) sessions don't work.

SPS returns a "Gateway Authentication failed" error.

Checking the logs, the specific error is as follows:

[...]Reason: (BadRequest) {\"Code\":90139,\"Message\":\"The new session must be initialized before action 'AuthenticateSession' can be invoked.\",\"InnerError\":null} Call failed with status code 400 (Bad Request): POST [...]AccessRequests/AuthenticateSession".

The temporary "solution" we found to solve this is to check the session in on SPP and then request it again.

Do you know why and what could possibly cause this error?

Thank you,

Simone

Parents
  • Hi,

    Does this happen to specific target assets or all assets?

    We had a case facing these errors where the issue was related to the target system not having the CVE-2018-0886 patches installed 

    Thanks!

  • Hi Tawfiq,

    it does happen for every server that is not a DC.

    Also, the specified patch has been installed already on the servers where there is the problem.

    Is there any other suggestion?

    Thank you

  • If you can reproduce the issue, when the error occurs next time, do the following to verify if the problem access request appears on all SPP nodes or if access request is missing from one of the SPP nodes:

    Do not check-in the problem access request for now

    Login to each SPP node in the cluster directly using IP address for example (with the username having the issue) and check if the problem access request appears under My Requests for that user from each SPP node?

    If the access request seems to be missing from a specific SPP node then that particular SPP node could be having an issue where the access request is not replicating to it and causing this intermittent issue because SPS will interact with any SPP node and if SPS lands on the SPP node that is missing the access request then this error happens.

    In that case you would have to Unjoin that SPP node (which is missing the access request \ having an issue replicating access requests) and rejoin it back to the cluster which should correct the issue.

    Thanks!

  • Hi Tawfiq,

    i have checked the History from the Reports Activity Center.

    The session is present on all 3 nodes, so i exclude that the problem is related to this.

    Should it be something that the support has to investigate?

    Thank you

Reply Children