Restricting simultaneous user login on the UAG
-
Monday, November 19, 2012 2:26 PM
Howdy,
Any ideas how I can disable users from logging in multiple times on the UAG?I suspect remote users are sharing login credentials and passwords, but I cannot prove it as they all use the same source IP addresses, with similar machine configuration, i.e. same browser, same AV, same domain, etc.
Therefore I would like to proactively limit each remote user to a single UAG session per trunk.
Is this possible?
Thanks,
Gareth
All Replies
-
Monday, November 19, 2012 3:56 PM
To give you more information, users are launching a Remote Desktop application shortcut to a target server.
I will try enable the 'Restrict each user to a single session' on the Session Host Configuration on the target server but you know what will happen then. Calls will be raised by users because their application does not work.
It will be much better if we can deny them logon at the UAG initially and hopefully I can configure a message to the effect that 'That user account is already logged on.'
-
Friday, November 23, 2012 11:11 AM
It is possible to do this, but it does require some coding.
UAG has various hook files you can add (or edit) post login. (validate.inc, postValidate.inc etc) You could edit these files to maintain a list of currently logged in users and check against this list for each login. If the user is on the list (ie, already logged in) return an message. If not continue with the login.
You also need to make sure that the user is removed from the list when they log off!
So, whilst it is not available 'out of the box' it can do done, depending on your coding skills
-
Friday, December 07, 2012 9:17 AMModeratorOut of the box, its not supported by design
.png)
