Saving to a Shared Network Drive

By default, PAM saves its content (Session Video Recordings, Exports and Temporary files) to a directory in its installation location $PAM_HOME/content and the $PAM_HOME variable resolves to the local install location.

Each PAM node will access the Content storage based on it's own resolution of the location.

When using multiple nodes, best practice is to use a network share that is accessible by all nodes using that address.

When a user has connected to a specific node and launched an RDP session, and this is recorded, this recording will be stored in the Content Location address that the local node resolves to.

When an administrator wants to view the recording, the PAM node that the administrator is log into will try and accessed the recordings also using the Content Location address based on its own resolution.

If the default Content Location address is still used, the administrator will only be able to view recordings that were recorded by that node.

Trying to view a recording that is in a separate storage location will exhibit the behaviour where the recording just will not play.

No error will be seen.

If nodes are in separate datacentres, it is recommended to use a network share that is locally accessible from each node, but is replicated between datacentres. An example of this is Microsoft DFS.

 

Configuring PAM to Save Content to a Shared, Network Drive or Path.

If you would like to change this path to a shared, network location, please perform the following steps:

  1. Login to PAM as a System Administrator.
  2. Navigate to Administration > Settings > Parameters.
  3. Update the path in the following parameters as needed: Content Location, Export Location and Temporary Location.
  4. Network locations should be defined like this: //server/share
  5. Click the Save button next to each parameter that has been modified.

For Windows deployments, because PAM is run using the “Local System” account, ensure that this Local System account on the PAM host server has Read/Write access to your shared, network drive. If it does not, then the save will fail due to an Access Denied exception.

To test this configuration change, establish a remote session with the recording option enabled and confirm that both directories and the resulting video file (stored as a .zip file) are created in your new location or create an Export to ensure the export (stored as a .zip file) is created in your new location.