One of the customers has a use case where he wants to enforce the reset password and also wants to throw the user out of any active logged-in sessions. Can someone help?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
If this is a customer request, please open an NFR. We need to modify existing Active Directory connector to achieve this use case..
Hello Swapnil, "... also wants to throw the user out of any active logged-in sessions."
Does it mean logging off active Remote Desktop session for the user in a specific windows machine?
Yes, this means logging off from all the active sessions the user has in the environments. In this case, he might be logged into multiple such systems.
Created on 03-24-2023 07:05 PM Edited on 03-24-2023 08:00 PM
Hello Swapnil,
Please share any configuration settings example in MS Windows AD server that provides the ability to expire all sessions for an AD user.
The example command or step should be WinRM PowerShell Remoting or PowerShell over MS windows OpenSSH server , or a LDAP query into AD to change the configuration setting of the target user.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.