1 Reply Latest reply on Aug 3, 2018 10:15 AM by Jonathan.Schmidt

    How do I identify all users logged into the system and assure that they are out?

    mbath61 Apprentice

      We are migrating from Heat Classic, and formerly I could go to Heat Admin, identify active users and lock them out to work on the system.

       

      Now if I go to ISM's OPS Console IT tells me there are 17 active session in my 3 CONFIG tenants, and 31 active sessions in my 3 APP tenants.

      If I go to License Manger for my APP tenants, it tells me I have 2 licenses active in PROD, and 0 active in UAT and STG

       

      I know that Security History in the Admin UI can show sessions, but when i identify a user that has Log In but no corresponding Log Out, choosing the user will not activate the Terminate User button above. Maybe I am not understanding this information display.

       

      TIme out is set for 90 minutes The the above results were for first thing in the morning with no testers logged in. It seems to be sessions where user didn't log out, but thought those should go away in 90 minutes, certainly overnight.

       

      Can anyone clarify this for me and explain the simplest way identify and expel inactive users and free up my licenses?

        • 1. Re: How do I identify all users logged into the system and assure that they are out?
          Jonathan.Schmidt SupportEmployee

          Hi Mike,

           

          This is still possible but it takes a little more effort in 20xx since the license server supports multi-tenancy.  As for locking out new login sessions, you can place the tenant into a maintenance mode.  For more info on that please see the ConfigDB guide relevant to your particular version.

           

          In order to ID currently logged in users you can go to the License Server on your ISM server and click the "Active Licenses".  You can then cross reference the User field, Role and Login/license taken time with the UserSession events in the ISM Security History workspace.  To "kick" each active user out you can highlight their line item and click the "Terminate User Session" button.

          This user will see the logged out due to inactivity dialog on their next UI action:

          If the tenant is in Maintenance mode they'll get and Access Denied even with a good password: