PIM(SAM) r12.9 SP1 or later: Login session is not terminated after forced check-in


Article ID: 103230


Updated On:


CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)


When customer forced check in before Valid Until date, check in is completed. But active RDP session did not terminate. When time is reached Valid Until, it terminated. Please check it is bug or not.


- root cause of the problem After investigation we found that this is happening only if the userstore is Active Directory. Cause of the problem is we are storing executor value as Camel Case
i.e CN=superadmin,CN=Users,DC=PIMSERVER,DC=local in LOGIN_APPLICATION_TICKET table
but when trying to compare the value we are comparing with the lower case i.e cn=superadmin,cn=users,dc=pimserver,dc=local
Yes and i have already ported the changes to the other releases as well.
SE has ported r12.9 SP1 and r14.0 


First Reported environmnet:
  OS: Windows 2012 R2
  Prod: CA Privileged Identity Manager r12.9 SP2 for SAM
   + RO93134+T6CQ008+T6DC034+T51S052+T51S058+T6CI034+T6E6010
    CDB: ORACLE 11g
    User store: ActiveDirectory

This problem is occurred if user store is using ActiveDirectory.


provide T6E6011 to solve the problem for r12.9 SP2.