Unable to disable/end sessions and not receiving reports via email.
Problem reported by Ujjaval Patel - May 14 at 5:55 AM
Submitted
On 15.7 (latest version). I stopped getting email reports about 8 months ago and I recently found out the ability to disable or end sessions for users is not working. 

7 Replies

Reply to Thread
1
Derek Curtis Replied
Employee Post
Hello, Ujjaval. I'm testing the email report issue you've mentioned, but I can confirm that ending user sessions when a user is logged in via the web works just fine. We have a 15.7 version installed in house for testing, and that does appear to work as expected. What is it you're trying to do, and what behavior is seen when you say that ending sessions "is not working"?
Derek Curtis
COO
SmarterTools Inc.
(877) 357-6278
0
Ujjaval Patel Replied
Hi Derek,

Both buttons are no action. I have used this feature in the past and it would boot the user right away. I have refreshed the page but the user is still visible and active. I can do a screen share if necessary.
0
Derek Curtis Replied
Employee Post
Ujjaval, if you use the browser's dev tools, are there any errors? Are these actual users you're seeing or are they "anonymous" users? Generally, anonymous users are those who are on the login page, but don't necessarily log in, so there's no session to end or no user to disable.
Derek Curtis
COO
SmarterTools Inc.
(877) 357-6278
0
Ujjaval Patel Replied
They are anonymous users. They are sitting on the login page for over 10 minutes and IP based in China, I suspect they are trying brute force and would like to end the session for them. I am getting an 500 Internal Sever Error. I can't paste a link to the screenshot, can I email it to you?
0
Derek Curtis Replied
Employee Post
Just because they sit on that page doesn't mean they're trying to login or brute force a login...that said, you can modify your mailConfig.xml and modify the length of the block and the retry attempts to kick them for an extended amount of time if they DO exceed the number of login attempts that's set. Realize if you do modify this setting, it affects anyone who tries to login to webmail, not just those with less than honest intentions.

you'll want to look for this in mailConfig.xml (around line 810):

<BruteForceSettings>
<LoginIsEnabled>True</LoginIsEnabled>
<LoginRetries>5</LoginRetries>
<LoginTimeout>10</LoginTimeout>
</BruteForceSettings>

LoginRetries is the number of attempts to occur before the block is enabled.
LoginTimeout is the number of MINUTES the block will be in effect
Derek Curtis
COO
SmarterTools Inc.
(877) 357-6278
0
Ujjaval Patel Replied
Thanks Derek, I will modify the file.
0
Ujjaval Patel Replied
What about email reports not being sent? Is there a fix for that?

Reply to Thread