Solaris BSM events drop session id when escalating privileges.

Document ID:7018623
Creation Date:15-Feb-2017
Modified Date:15-Feb-2017
- Micro Focus Products:
  Sentinel

Environment

NetIQ Sentinel 7.x and 8.x Sentinel Server

Situation

Sentinel UNIX agent 7.4 is not forwarding the Effective UserName field to Sentinel for BSM events. Thus when the person switches to another user, the operations are still being shown as done by the logged in user.

Resolution

To resolve this issue on Sentinel install hotfix 7.4 HF14 from https://dl.netiq.com/patch/finder/ location

Cause

Effective UserName of Subject token is not being forwarded to sentinel server. Therefore Sentinel is unable to populate the Effective UserName information.

© Micro Focus. Please see Terms of Use applicable to this content.