Symantec Privileged Access Management

Hi, I´m trying to configure on CA PAM access to a Web Page that uses ActiveX, when I configure the TCP/UDP service to lunch the URL using the native browser and this is iexplorer all works perfect, but when I use Xceedium Browser I have problems, because I can not drill in the menu options. I need to use the Xceedium Browser because the object of the customer is to record the web sessions.

How can I solve this issue?

Is there a way to activate ActiveX on our Xceedium Browser?

Using default browser: here I can choose protocol or other menu options

Using Xceedium Browser: here I´m not able to choose nothing, because it nos displayed, so I can not continue.

Regards

Farid

Based on yr research I started to investigate why we may be could suffering this issue 

Maybe I am wrong , but I have found that from CA PAM 2.8 we have have the following issue 

Xceedium Browser and CA Privileged Access Manager Client Browser do not support plug-ins that use NPAPI (DE161212)

Both the Xceedium Browser and the CA Privileged Access Manager Client Browser are based on JxBrowser. CA Privileged Access Manager has upgraded its version of JxBrowser to increase security. Therefore, neither Xceedium Browser nor the CA Privileged Access Manager Client Browser support plug-ins that use the older NPAPI architecture, such as Adobe Flash and Oracle Java. The browsers fail to load pages that use NPAPI plug-ins.
Workaround: Replace plug-ins that use NPAPI with versions that use PPAPI. For Adobe Flash, seehttp://get.adobe.com/flashplayer/otherversions/. For Oracle Java, there is no PPAPI equivalent.

From another source , How to Use Java, Silverlight, and Other Plugins in Modern Browsers 

'The latest versions of Google Chrome, Mozilla Firefox, and Microsoft Edge only support the Flash plugin. You’ll need to find an alternative browser if you want to use Java, Silverlight, or any other ActiveX or NPAPI-based plugin.Most web users can get by without these plugins. That’s why browser developers no longer support them. But some websites, especially old business and government applications, still require these old technologies. So if you need them, what should you use?'

So our question may be 'Is CA IT Client Automation (rcviewer) still requesting to have ActiveX pug-ins to work on a browser environment? ' Is there any setting to avoid it , and use flash plug-in? 

With Xceedium browser not supporting some plugins there are lot of web based application which are not compatible with CA PAM.

As an Alternative to that , Try to launch the same application from Jump server and configure internet explorer as the as the RDP application with transparent login, There will be some pain in the beginning but eventually you will get what you need (session recording and transparent login both), CA support will help you in configuring that in case you are stuck.

For permanent resolution , you may need to open an idea on community, CA will look into and may be going forward that will be added in the product release.

Hope this helps!

Bravo for Asif! 
Hi Farid. I was going to suggest you what Asif commented to you.

Due some incompatibilities with PAM I would open an idea requesting for this compatibility if possible.

Meanwhile as a workaround, if you need to have the sessions recorded, then I would recommend you to create an RDP Application service to launch the browser from a server and work with the TL.

You will have to publish the browser, like iexplorer.exe in the server and enter the URL in the RDP Application Launch Path, for eg: "C:\Program Files\Internet Explorer\iexplore.exe" "gmail.com"

For more info: 

https://docops.ca.com/ca-privileged-access-manager/2-7/EN/implementing/provision-your-server/provisioning-devices/set-up-transparent-login/rdp-connections

Regards,

Celeste