When deleting an administrator account from the Symantec Messaging Gateway control center via the Administration->Administrators page, any active login session for that account remain active with their original rights until the session either times out due to inactivity, is ended by the administrator logging out or the Control Center process is restarted.

Administrator rights and account status are set at login and are not automatically rechecked while the session is active.

This issue is being reviewed by Symantec.

If you are concerned that an administration session for a deleted account may remain active, please restart the Control Center service via the following procedure to immediately invalidate the session:

1. Log into the command line interface (CLI) of the Control Center host as the "admin" account on either the console or via ssh
2. Restart the Control Center web application service via the `service controlcenter restart` command

Applies To

Symantec Messaging Gateway