We're a SaaS customer running Release 3700.0.2-rel.36+fbf2221, authenticating users using AD through both LDAP and SAML. For over two weeks at approximately 5:40 PM until 5:42 PM the Blackboard authentication log records hundreds of Logout events of the type "Manual Logout". However, there isn't an IP address associated with the events, which I typically see when a user presses the logout button. Users are reporting they are getting kicked off Blackboard and have been having problems taking tests.
A support ticket was opened with Blackboard but since the authentication is occurring through LDAP their logs are limited. Our network team hasn't seen any issues with the AD server or network logs.
Has anyone else seen this behavior? Or have an explanation for why a "Manual Logout" event wouldn't capture an IP address?