000012868 - In RSA Archer, Users show as logged in or Login History shows a System Impersonated session type.

Document created by RSA Customer Support Employee on Sep 26, 2016Last modified by RSA Customer Support on May 1, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000012868
Applies ToRSA Product Set: Archer
RSA Version/Condition: All
IssueFrom Manage Users, nothing happens when clicking the Force Disconnect icon for a logged in user. The user still shows Logged In.

Security Events reports show user logged in, but the user didn't.

Users show as logged in or Login History shows System Impersonated session type.
  1. Open one of the users that should not be logged in.
  2. Click on the Last Login timestamp to see the Login History.
  3. Notice a System Impersonated session type.

User-added image
CauseSystem Impersonated sessions are used for backend processes like Data Imports or sending Notifications.

The System Impersonated sessions should only last long enough to complete the task/process. Unfortunately, there is a known defect where the System Impersonated session remains active.
ResolutionStarting with Archer 6.6, System Impersonated sessions will not be displayed in the Security Events report.
Legacy Article IDa64002