-
Title
Non SysAdmin accounts appearing in Sys Admin Activity Logs -
Description
In some cases it has been noted that non Sys-Admin userIDs show as authenticated in the Sys Admin Activity Logs.
Users that do not have sys-admin rights show as authenticated to the TPAM interface, raising a security concern.
-
Cause
TPAM is logging an authentication attempt to the /admin or /config TPAM interface. -
Resolution
TPAM is simply logging an attempt for a non sys admin user account attempting to authenticate to the admin interfaces of TPAM. They are not permitted access to the interfaces, but TPAM is logging the attempt.
The non sys admin users will receive the following message when they attempt to access an interface they do not have permissions to access, and will not be granted access:
"You are not an authorized System Administrator of this system. Please close your browser window, and log in to the /tpam interface with this user id."
The Sys Admin Activity Log logs a Login for the user, and then a subsequent logout after the configured Login token lifespan has elapsed.