Highlighted
Acclaimed Contributor.
Acclaimed Contributor.
186 views

Need to give right to kill a user session to non SysAdmin

Hi,

I want to give a specific group the ability to kill a user session, if the user is locking a ticket.  This group will not have SysAdmin rights and they should be able to do it from within Service Manager, not from a command prompt on the server.  Does anyone know how this might be done?

Audrey

0 Likes
10 Replies
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hi again,

I've found an old post that had a link out to a very old (2010) post in a different forum about Service Manager.  This was a post written by @Jacob Heubner  and detailed a method to give this ability that involved a couple of new formats, a link, and three wizards.  I'm not sure if it would still work in current versions of Service Manager, but I would like to experiment with it.  The problem is that parts of an important expressions in one of the detailed wizards isn't viewable in the source and entering the expression from another one of the detailed wizards generates an error when I try to save it.  So far I haven't been able to figure out the missing or faulty parts, so I’m hoping maybe someone here can, or knows how I might view the content in it’s properly converted form.  I’m using the term not viewable because when I look at the first expression where I found the post, it looks like this:

$cg.i=0;while ($cg.i

but when I copy and paste it here, weirdly it all appears but looks like this:

$cg.i=0;while ($cg.i<lng($l.processes)) $l.processes)))<br="" in="" $cg.i="" 2="" 1,="" ninfo.id,="" $l.processes);$cg.sessioninfo.id="insert($cg.sessio" 8="" ioninfo.host,="" $l.processes);$cg.sessioninfo.host="insert($cg.sess" 7="" oninfo.tid,="" $l.processes);$cg.sessioninfo.tid="insert($cg.sessi" 6="" oninfo.pid,="" $l.processes);$cg.sessioninfo.pid="insert($cg.sessi" 5="" ioninfo.idle,="" $l.processes);$cg.sessioninfo.idle="insert($cg.sess" 1="" ioninfo.date,="" $l.processes);$cg.sessioninfo.date="insert($cg.sess" 4="" essioninfo.user,="" ($l.not.on="false;$cg.sessionInfo.user=insert($cg.s" then="" $l.processes="$cg.user.id)" (4="" ($cg.i="$cg.i+1;if" do=""> </lng($l.processes))>

I’m not sure of the reason for this, but maybe someone here knows.

Obviously, some parts of this weirdly converted expression are easy to decipher, but other parts not so much.  The second expression that I can’t save in the wizard is this:

$cg.killSession.length=lng($cg.killSession);for $cg.k.index = 1 to $cg.killSession.length do (if ($cg.k.index in $cg.killSession"k" then ($L.void=rtecall("callrad", $L.rc, "signal", {"name"}, {$cg.k.index in $cg.sessionInfo.id}, true)))

This expression actually looks almost normal, except for the “if ($cg.k.index in $cg.killSession"k" then” part.  I’ve tried a few variation of this part, but so far have not figured it out.  I have only been able to save the expression if I remove that whole ‘if’ part.

Here is a link to the old forum post:

https://www.sm-resources.net/articles/48050-kill-user-sessions-without-being-sysadmin

Has anyone here ever followed this link and tried this, or have the expertise to know how to fix the parts of the expressions that have been weirdly converted?

Audrey

0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Need to give right to kill a user session to non SysAdmin

From a quick glance, this line, "if ($cg.k.index in $cg.killSession"k"  looks like it's missing an operand.

Should look like this"if ($cg.k.index in $cg.killSession = "k" ".

Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hi Jas1,

Thanks very much for the reply.

That was the first thing I tried, since it looked so obvious, but it still did not allow me to save.

Audrey

 

0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hi Jas1,

I retyped the whole expression, instead of just copying, pasting and adding the "="k"" and this time it let me save.  I can't see an obvious difference, but there must be one.  Anyway, one down...lol.  Thanks.

Audrey

0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Need to give right to kill a user session to non SysAdmin

If it worked when retyped but not from direct copy and paste, that normally means hidden unicode characters due to copying from html pages.

You can try the old copy n paste into notepad tip to remove the hidden characters and then copy and paste from notepad into SM.

0 Likes
Highlighted
Super Contributor.
Super Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hope it will be usefull for you.

 

function KillUser(*integration_user_name*)  {

var rteReturnValue = new SCDatum();

var argNames = new SCDatum();

var argVals = new SCDatum();

argNames.setType(8); argVals.setType(8);

var arrNames = new Array();

var arrValues = new Array();

argNames.push("name");

arrValues.push("kill.user.*integration_user_name*");

var rc = system.functions.rtecall("callrad", rteReturnValue, "se.call.process", argNames, arrValues, false);

}

0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hi Mai_tai,

Thanks for the response.  So far I have not been able to get this to do anything.  What value needs to be passed as the *integration_user_name*?

Thanks,
Audrey

0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hi again,

My main requirement is that a specific group needs the ability to unlock a ticket if another user has it locked.  I like the idea that @mai_tai suggested, but I have not been able to get it to work so far. Has anyone had success calling a RAD app to unlock a ticket or kill a user?  If so, what RAD app did you use and what parameters values did you passed to the RAD app to target the correct ticket/user for termination?

Audrey

 

0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hi,

The good news is that I've been able to access the actual unload of the components in the 2010 post by @Jacob Heubner  in the other forum, so I've got the deciphered expressions.  The solution works!.  The bad news is that it only works consistently in a single host environment.  In a multi-host (horizontal scaling) environment it only work if the person performing the kill of the user session is on the same host as the session being killed.  The RAD app being used for this solution is "signal".  Has anyone used this RAD app before, or just have any idea or thoughts on a way to work around the issue of it only killing user sessions on the same host?

Thanks,
Audrey

0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Need to give right to kill a user session to non SysAdmin

Hi,

Micro Focus gave me the final piece to get this working.  They identified the other parameters that need to be passed to the 'signal' RAD app, in order for it to terminate users on a different host than the script is run on.  Obviously the important one is the host. So this is now working.  Of course now I've realised that if the user has multiple sessions, I need to identify which one is the session locking my specific ticket...lol.

Audrey

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.