Solaris BSM events drop session id when escalating privileges.

  • 7018623
  • 15-Feb-2017
  • 15-Feb-2017


NetIQ Sentinel 7.x and 8.x Sentinel Server


Sentinel UNIX agent 7.4 is not forwarding the Effective UserName field to Sentinel for BSM events. Thus when the person switches to another user, the operations are still being shown as done by the logged in user.


To resolve this issue on Sentinel install hotfix 7.4 HF14 from location


Effective UserName of Subject token is not being forwarded to sentinel server. Therefore Sentinel is unable to populate the Effective UserName information.