Active Control Center administrator sessions remain active when the account is deleted

book

Article ID: 158120

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

When deleting an administrator account from the Symantec Messaging Gateway control center via the Administration->Administrators page, any active login session for that account remain active with their original rights until the session either times out due to inactivity, is ended by the administrator logging out or the Control Center process is restarted.

Cause

Administrator rights and account status are set at login and are not automatically rechecked while the session is active.

Resolution

This issue is being reviewed by Symantec.

If you are concerned that an administration session for a deleted account may remain active, please restart the Control Center service via the following procedure to immediately invalidate the session:

  1. Log into the command line interface (CLI) of the Control Center host as the "admin" account on either the console or via ssh
  2. Restart the Control Center web application service via the `service controlcenter restart` command

Applies To

Symantec Messaging Gateway