Created on 03-23-2023 12:21 AM
One of the customers has a use case where he wants to enforce the reset password and also wants to throw the user out of any active logged-in sessions. Can someone help?
Created on 03-23-2023 03:35 AM
If this is a customer request, please open an NFR. We need to modify existing Active Directory connector to achieve this use case..
Created on 03-23-2023 03:49 AM Edited on 03-23-2023 03:51 AM
Hello Swapnil, "... also wants to throw the user out of any active logged-in sessions."
Does it mean logging off active Remote Desktop session for the user in a specific windows machine?
Created on 03-23-2023 03:52 AM
Yes, this means logging off from all the active sessions the user has in the environments. In this case, he might be logged into multiple such systems.
Created on 03-24-2023 07:05 PM Edited on 03-24-2023 08:00 PM
Please share any configuration settings example in MS Windows AD server that provides the ability to expire all sessions for an AD user.
The example command or step should be WinRM PowerShell Remoting or PowerShell over MS windows OpenSSH server , or a LDAP query into AD to change the configuration setting of the target user.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.