Symantec Access Management

 View Only
  • 1.  A compromized user session termination by Administrator

    Posted Jan 05, 2021 12:10 PM
    Edited by Vladimir Liapko Jan 05, 2021 12:11 PM
    Hi,

    Is there a way to terminate a user session from SiteMinder Policy Server? A sample scenario, an authenticated user commits suspicions activities in a Web App and Corp Security wants to  disable the account and terminate all existing sessions for the user. If an account is disabled this only prevents new sessions from being created but all existing sessions still stay.

    Thanks,
    Vlad​​


  • 2.  RE: A compromized user session termination by Administrator

    Broadcom Employee
    Posted Jan 06, 2021 10:06 AM
    Hello Vlad, 
    This is an excellent question. In the AdminUi you can flush a specific user cache. 

    When a user successfully authenticates, the Policy Server begins a session for the authenticated user.
    During the session, the web agent stores authorization information in the user cache.
    Consider the following:
    • If you change user access rights, it can be necessary to force the Policy Server to flush user session information from the web agent cache.
    • The option to flush user caches is only enabled for administrators that have permission to manage users.
    Follow these steps:
    • Log in to the Administrative UI.
    • Click Administration, Policy Server, Cache Management.
    • Select one of the following options in the User Session Caches section.
    • All:  Flushes all user sessions from the user cache.
    • Specific User DN
      Flushes a specific DN from the user cache.
      If you select this option:
    • Select the user directory from the Directory list that contains the DN you want to remove.
    • Enter the distinguished name in the DN field. Specify a user DN, not a DN of a group. If you do not know the DN, click Lookup and search for the DN.
    • Click Flush.
      SiteMinder  flushes the respective users from the user cache. This process takes up to twice the time specified by your Policy Server poll interval while the Policy Server synchronizes caches.
    • Click Submit.
      The user session caches are cleared.

    I hope this helps.  

    James Atchley

    SSO Support - Broadcom




  • 3.  RE: A compromized user session termination by Administrator

    Posted Jan 12, 2021 01:36 PM
    Thank you, it worked.


  • 4.  RE: A compromized user session termination by Administrator

    Broadcom Employee
    Posted Jan 12, 2021 02:32 PM
    Hello Vlad, 
    Thank you for that update!
    I'm glad to hear it worked. 
    -James