Forcing a user Log off

If you are having a problem using Vault, post a message here.

Moderator: SourceGear

Post Reply
BBM
Posts: 21
Joined: Sat Jul 29, 2006 3:47 pm
Location: Roswell GA

Forcing a user Log off

Post by BBM » Tue Sep 05, 2006 6:46 pm

Is it possible to use the Vault Admin application to forceably Log a user out of Vault?

I have a user Id that perpetually shows logged into Vault. I'm pretty sure that he's not logged in (it's my user account!) but it shows logged in.

I tried logging into the Vault Admin application as admin, de-activating the account, and then re-activating it. The status reverts from "inactive" to "logged in" when I re-activate the account.

Any suggestions are welcomed.

Thanks.

BBM
Top
lbauer
Posts: 9736
Joined: Tue Dec 16, 2003 1:25 pm
Location: SourceGear

Post by lbauer » Wed Sep 06, 2006 7:27 am

Are you running any automated scripts or the Client API with your account?

If you recycle IIS, that should end your session (and everyone one else's, unfortunately.)

What version of Vault are you using? Is it a problem to be shown as being logged in?
Linda Bauer
SourceGear
Technical Support Manager
Top
BBM
Posts: 21
Joined: Sat Jul 29, 2006 3:47 pm
Location: Roswell GA

Post by BBM » Wed Sep 06, 2006 8:29 am

1) I'm not running any scripts or using the Client API. I have been testing Vault using a laptop with dial-up Internet access so I suspect that an interrupted dial-up session is the culprit.

2) I'll "recycle" IIS if I need to. I assume you are suggesting that I stop the VaultAppPool and re-start it?

3) Yes it is a problem, primarily for security reasons. If someone outside the company has obtained my User Id and password, knows my domain name, and has a Vault Client, they can log into Vault via the Internet (come to think of it I think I'll take myself out of the admin group).

How can I tell if a user is logged in locally versus remotely?

Thanks.

BBM
Top
lbauer
Posts: 9736
Joined: Tue Dec 16, 2003 1:25 pm
Location: SourceGear

Post by lbauer » Wed Sep 06, 2006 9:08 am

I'll "recycle" IIS if I need to. I assume you are suggesting that I stop the VaultAppPool and re-start it?
Yes, that will work.
Yes it is a problem, primarily for security reasons. If someone outside the company has obtained my User Id and password, knows my domain name, and has a Vault Client, they can log into Vault via the Internet (come to think of it I think I'll take myself out of the admin group).
You can change your password, too, in the Vault Admin Tool.
How can I tell if a user is logged in locally versus remotely?
Check the Vault Server log, sgvault.log in %windir%\temp\sgvault. It will show all logins, with username and IP address. This should help you determine if someone is logging in from a location other than yours.
Linda Bauer
SourceGear
Technical Support Manager
Top
Post Reply

Return to “Support (Vault)”