Devices still able to access/play from my PMS even after I've removed them from DEVICES

Hi Guys,

I have a PMS server at home. No PlexPass in use. Accessed the plex app from a TV at a hotel (completely different unrelated network), whereby the TV displayed a PIN number - which I then authorised at plex.tv/link, and things worked great - we could watch stuff in the hotel. I could see the television listed in my Settings > Devices view.

No longer wish for that TV in the hotel to have access, so I went into Devices on my PMS, and removed it with the red X.

However, that remote TV STILL can open and play stuff from my PMS. When doing so, I click on the “now playing” screen - and there it is - listed. If I go back to Devices, it most definitely is NOT appearing in there.

So my question is, how / why on earth is PMS still permitting this remote TV despite me having removed it from PMS ? (thereby de-authorising it).

Note : there is no “user” authentication occurring at all … the only credentials ever given to the remote TV was that initial 4 digit “link pin”

Note : If i manually go into the TV, and remove my server from “my servers” … this sorts it out, but the issue is that I have to have access to that TV … and there’s a thousand scenarios where it’s desirable to be able to deauthorise from the PMS server.

Any ideas?

Incidentally, in my Settings > Server > Network, the only IP range in the “List of IP addresses and networks that are allowed without auth” is my home subnet (and it is different to the remote one).

Do you have a reverse proxy?
Try disabling allowing devices w/o authorization.

See:


Keep in mind: a Reverse Proxy makes all requests to the Plex server appear like they are coming from within the local LAN.

If you now combine this reverse proxy with a rule to disable the need to authenticate when a client accesses your Plex server from within the local network, you are wide open to unauthorized access.
(Settings - Server - ‘Show Advanced’ - “List of IP addresses and networks that are allowed without auth”)

So, don’t use these both together.
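The interaction described in the post above, as an added example that is not part of the original thread and is not Plex code: it compares the address the server would see with and without a reverse proxy against the "allowed without auth" list. The function names, the comma-separated list format, and all addresses are assumptions constructed for illustration.

```python
import ipaddress

def parse_allowed(setting):
    """Parse the 'allowed without auth' value (assumed comma-separated)."""
    nets = []
    for item in setting.split(","):
        item = item.strip()
        if item:
            # strict=False accepts single hosts and ip/netmask forms alike
            nets.append(ipaddress.ip_network(item, strict=False))
    return nets

def bypasses_auth(apparent_source, allowed):
    """True if the address the server sees falls inside an allowed network."""
    addr = ipaddress.ip_address(apparent_source)
    return any(addr in net for net in allowed)

def audit(setting, proxy_ip, clients):
    """For each real client IP, compare direct access with proxied access.

    proxy_ip is the LAN address of the reverse proxy, or None if there is none.
    Behind a proxy the server sees the proxy's address, not the client's.
    """
    allowed = parse_allowed(setting)
    findings = []
    for real_ip in clients:
        direct = bypasses_auth(real_ip, allowed)
        via_proxy = bypasses_auth(proxy_ip, allowed) if proxy_ip else direct
        findings.append({
            "client": real_ip,
            "direct": direct,
            "via_proxy": via_proxy,
            # exposed: a client that should authenticate but no longer has to
            "exposed": via_proxy and not direct,
        })
    return findings

# Constructed sample values (not taken from the thread)
SETTING = "192.168.1.0/255.255.255.0, 10.0.0.5"
CLIENTS = ["203.0.113.7", "192.168.1.50"]

if __name__ == "__main__":
    for row in audit(SETTING, "192.168.1.10", CLIENTS):
        print(row)
```
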

Thanks FordGuy, I have no intentional reverse proxy in use, unless that’s something that Plex is doing natively?

Plex wouldn’t set one up. Something you would have to do.

See this post from @ChuckPA about a PMS that might have been hacked. Not that yours was, just that the fix might work for you also.

Since the device was 'LINK’ed to your account, the tokens are valid until you remove them or Delete the Device (Settings - Devices).

If in doubt, Change your password after that too. (makes certain the person doesn’t have the password from other means)

Cheers guys, the issue was that even after deleting the device from my PMS server … the remote end could still keep playing things. It would show the “playing on TV-Sxxxxxxx” in my “now playing” screen, yet in device view it has been long deleted.

Even rebooting the TV had no bearing! It’s as if plex was holding onto it.

It’s now dropped out, so I suspect it was a caching / timing issue … but certainly didn’t seem to be a live cut off per se.

Just did another test, authenticated a Samsung TV in my office … connected to the PMS server at home, works great, signed in as me. I delete that TV from my “devices” list … the TV continues working (many hours later).

If I go view “now playing” I can see the TV at work is still happily playing a movie, yet doesn’t appear in the devices list.

Is there some period of time where devices continue to work despite being deleted from ‘devices’ ?

I would reboot the PMS server to see if that flushes the issue, but the wife is playing something at home with a sick daughter, so might need to hold off on that :)

There is SSO sync between all the devices and servers. Depending on where you are, it can take some time to propagate.

If you really want it to be done, as I said, change the password and force a new X-Plex-Token.

OK thanks Chuck

PS … I forgot to say, I have not had to actually input my credentials … just the PIN number that pops up on TV …

doesn’t seem to be a way to de-validate that pin number (and removing the device in PMS doesn’t seem to do anything - or perhaps takes a couple of days).

PS: when I say PIN number, I mean the pin for registering a new device: https://www.plex.tv/link/

(not the pin number for internal plex accounts on my specific PMS).

Yes. The PIN (link pin) is what I referred to as well. The 4 letter pin we all use for registering devices.