I see the same thing on our system. The calls are on queue 390620, same as
yours. We have private queues defined for the following subsystems, so
that rules them out, unless they don't work as advertised:
390601 Alert
390603 Escalation
390620 Fast
390621 AREASM Plugin (arapi)
390622 Flashboards
390623 Email Engine
390624 MidTier
390635 List
390680 Approval, Approval Plugin Loopback, Plugin Loopback
390681 CAIPLUGIN
390698 CMDB (arapi) RE
If I grab the RPC ID from the user log then look at the corresponding
entries in arapi.log, I see the following:
[aradmin@rm00p11 remedy]$ cat arapi.log |grep '0003471068'
<API > <TID: 0000000086> <RPC ID: 0003471068> <Queue: Fast >
<Client-RPC: 390620 > <USER: Remedy Application Service
> /* Wed Feb 08 2012 10:00:36.0531 */+CE ARCreateEntry -- schema
FB:History from Unidentified Client (protocol 14) at IP address
172.31.128.55
<API > <TID: 0000000086> <RPC ID: 0003471068> <Queue: Fast >
<Client-RPC: 390620 > <USER: Remedy Application Service-- Impersonated by
Remedy Application Service --> /* Wed Feb 08 2012 10:00:36.0828 */-CE
OK -- New ID 000000003280901
[aradmin@rm00p11 remedy]$ cat arapi.log |grep '0003471067'
<API > <TID: 0000000093> <RPC ID: 0003471067> <Queue: List >
<Client-RPC: 390620 > <USER: Remedy Application Service
> /* Wed Feb 08 2012 10:00:36.0240 */+GES ARGetEntryStatistics -- schema
HPD:Help Desk from Unidentified Client (protocol 14) at IP address
172.31.128.55
<API > <TID: 0000000093> <RPC ID: 0003471067> <Queue: List >
<Client-RPC: 390620 > <USER: Remedy Application Service-- Impersonated by
Remedy Application Service --> /* Wed Feb 08 2012 10:00:36.0476 */-GES
OK
So it looks like the application statistics function as well as flashboards
are using this function. The interesting thing is that in
flashboards/server.conf, I have the following configuration parameter:
ARServerRpcNumber=390622
I guess it does not look at this parameter.
Axton Grams
On Wed, Feb 8, 2012 at 8:54 AM, David Durling <[email protected]> wrote:
> **
>
> Patrick,****
>
> ** **
>
> I don’t know if this helps at all, but I see “(impersonated)” in my user
> logs, though not for the Remedy Application Service.****
>
> ** **
>
> The logs seem to list impersonations for a) users logging in via the
> midtier and b) mail coming in to the email engine with a “From” that
> matches a User account email address.****
>
> ** **
>
> I don’t have ITSM, nor did we deliberately set up impersonation as far as
> I know –****
>
> ** **
>
> In case this give a clue –****
>
> ** **
>
> David Durling****
>
> Enterprise IT Services****
>
> University of Georgia****
>
> ** **
>
> ** **
>
> ** **
>
> *From:* Action Request System discussion list(ARSList) [mailto:
> [email protected]] *On Behalf Of *patrick zandi
> *Sent:* Wednesday, February 08, 2012 9:18 AM
> *To:* [email protected]
> *Subject:* Re: LOGIN Remedy Application Service (impersonated)****
>
> ** **
>
> ** I was trying to keep this short.... however it appears.. I am not
> making sense.
>
> #1 while looking at the debug logs we see the "LOGIN Remedy Application
> Service (impersonated)" listed.. WHY? I am not asking if it can, that is
> apparent.
>
> #2 It is awesome that we can impersonate as an admin ... HOW? Where is
> this listed in the docs? : Excluding the API way...
>
> #3 is there code that BMC puts in that does this (ITSM).. that we are
> seeing out of the box?
>
> --
> Patrick Zandi
> **
> ******
> _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_
>
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
