FortiSOAR Discussions
Swapnil1
New Contributor II

Ability in the Active Directory connector to forcefully throw the user out of any logged in session

One of the customers has a use case where he wants to enforce the reset password and also wants to throw the user out of any active logged-in sessions. Can someone help?

4 REPLIES 4
skolape_FTNT
Staff
Staff

If this is a customer request, please open an NFR. We need to modify existing Active Directory connector to achieve this use case..

malayamanas_FTNT

Hello Swapnil,  "... also wants to throw the user out of any active logged-in sessions."

 

Does it mean logging off active Remote Desktop session for the user in a specific windows machine?

 

 

MALAYA MANAS PANDA
Professional Services Consultant
Swapnil1

Yes, this means logging off from all the active sessions the user has in the environments. In this case, he might be logged into multiple such systems.

malayamanas_FTNT

Hello Swapnil, 

Please share any configuration settings example in MS Windows AD server that provides the ability to expire all sessions for an AD user.

 

The example command or step should be WinRM PowerShell Remoting or PowerShell over MS windows OpenSSH server , or a LDAP query into AD to change the configuration setting of the target user.

MALAYA MANAS PANDA
Professional Services Consultant