|Applies To||Product set: SecurID|
Product: RSA Authentication Manager
Product Version: 8.1
OS: SuSE Linux
OS Version: 10
A user with admin role with lesser privileges is able to terminate the active user session by a super admin
Edit Admin Role — > General Permissions — > Manage Users ---> If I select View option Active user session menu appears with a search option. He can search only the active user sessions and see his own active session only.However, if I enable edit option, "Active User Session Termination" is enabled and he can close any active user session including the active session of a super admin.
|Cause||Incorrect permissions are set when edit option for "Active User Session Termination" is enabled. This issue is reported in defect AM-29337.|
|Resolution||This issue has been resolved in patch 7 for Authentication Manager 8.1 SP1. Download patch 7 from RSA SecurCareOnline for AM 8.1 SP1.|
Note: If an admin has the permission to "Approve" a request he can either approve or reject the request.