Hi
We have a customer that has users who access our TSPlus from another Windows 2012 server. When they login quite often (not always) they do not get a new session but instead login to another user's active session. This means they can see and control applications already open by the other user. This used to happen in Windows 2003 because of a bug in Windows but we have not had it happen on Windows 2012 until the last few weeks and we are wondering how to prevent this. A user should obviously only be able to log into a new session or one they created. However because they are all accessing the TSPlus server from the same Windows 2012 server something is not recognizing that they did not create the session they are being connected to.
I should also mention that they use the same Windows Login and password. The only difference is that the Client Name is different. There is an example in the attached image where two users logged in as TS_Bluewave but are two different employees.
We are using TSPLus 9.90.2.20.
Thanks,
Simon
User logs into another users Session.
User logs into another users Session.
- Attachments
-
Re: User logs into another users Session.
Hello,
In the AdminTool, click on the Server tile and click on "Group Policies (GPO)"
Only one session per user.
Check the "Allow users reconnection when sessions are disconnected."
Check also the "Allow automatic reconnections when a session is disconnected."
You can also set up a timeout for disconnected sessions which will cause a disconnected user session to automatically logoff after a while.
If you want your disconnected sessions to terminate quickly, type in 0.5 for 30 sec. Enter 0 if you want your remote sessions to never end.
If your server is the member of a domain, this strategy may need to be set directly on the domain controller.
Open your domain strategy object editor (gpedit.msc) and locate the following strategy :
Computer configuration / Administrative Template / Windows components / Remote Desktop Services / Remote Desktop Session Host / Session time limit /
You can also make sure your domain controller do not prevent local strategies to be executed. This strategy needs to be disabled and is located in :
Computer configuration / Policies / Administrative Template / System / Group Policy / Turn off Local Group Policy objects processing.
Either solution should work, choose the one that fits your preference.
In the AdminTool, click on the Server tile and click on "Group Policies (GPO)"
Only one session per user.
Check the "Allow users reconnection when sessions are disconnected."
Check also the "Allow automatic reconnections when a session is disconnected."
You can also set up a timeout for disconnected sessions which will cause a disconnected user session to automatically logoff after a while.
If you want your disconnected sessions to terminate quickly, type in 0.5 for 30 sec. Enter 0 if you want your remote sessions to never end.
If your server is the member of a domain, this strategy may need to be set directly on the domain controller.
Open your domain strategy object editor (gpedit.msc) and locate the following strategy :
Computer configuration / Administrative Template / Windows components / Remote Desktop Services / Remote Desktop Session Host / Session time limit /
You can also make sure your domain controller do not prevent local strategies to be executed. This strategy needs to be disabled and is located in :
Computer configuration / Policies / Administrative Template / System / Group Policy / Turn off Local Group Policy objects processing.
Either solution should work, choose the one that fits your preference.
Olivier
TSplus support team administrator
TSplus support team administrator
Re: User logs into another users Session.
Okay that basically means that I must setup a number of new users on the server because they are limited to a single session each. If they were to use the HTML client would the problem still exist if I allowed more than one session per user?
The reason this is a challenge is that they allow some third party companies to access the data and I do not wish to be constantly setting up new Windows users every time they enable this feature in the application. In the past we gave them a special Windows user name and password to allow these users access to the Windows server. In the actual application they all have their own logins since they manage this themselves.
Simon
The reason this is a challenge is that they allow some third party companies to access the data and I do not wish to be constantly setting up new Windows users every time they enable this feature in the application. In the past we gave them a special Windows user name and password to allow these users access to the Windows server. In the actual application they all have their own logins since they manage this themselves.
Simon
Re: User logs into another users Session.
I would like to add that some applications are known to not behave well when launched through multiple user session using the same user account. This has been the case for Open Office, when launching some specific features of an application would trigger it in a different location.
I cannot guaranty that using HTML5 connection could solve this issue, but it's worth a try since TSplus connection are labeled differently.
I cannot guaranty that using HTML5 connection could solve this issue, but it's worth a try since TSplus connection are labeled differently.
Olivier
TSplus support team administrator
TSplus support team administrator