[Tips & Tricks] How to prevent concurrent logins for a user in ADSelfService Plus

[Tips & Tricks] How to prevent concurrent logins for a user in ADSelfService Plus

Concurrent logins can lead to the use of valid credentials by illegitimate personnel at the same time as the legitimate user to authenticate to the network. This could lead to multiple security issues within the organization like misuse of the user's personal information or resources to perform unauthorized actions. This can also result in the user being wrongly held accountable for the harmful actions of another user with malicious intent.

 In ADSelfService Plus, when a user is logged in from multiple clients, it increases the chances of credentials being misused to perform illegitimate password self-service operations. Additionally, they can also use its single sign-on (SSO) feature to login to other applications, and access important data that they might have.   

 To eliminate such security risks, ADSelfService Plus provides an option to deny concurrent sessions for a user. 

Steps to be followed:

·         Log on to ADSelfService Plus web console with admin credentials. 

·         Click on the Admin tab. 

·         Navigate to Product Settings → Connections.

·         Check the Deny Concurrent Logins box. Once enabled, the user will not be able to further login from another device. Other active sessions will not be affected by this change. 

Note: This checkbox will be disabled when Session Expiry Time is set to Never Expires

 

Attempts to log in to the ADSelfService Plus application when there is another active session in a browser or mobile app will result in the following error message. 

Browser:

 

        

Mobile app:

              

Reset the user's active session status

When Deny Concurrent Login option is enabled, if a user closes a browser which has an active ADSelfService Plus session, the user will not be able login again until the idle session time expires. To avoid such inconvenience, you can configure ADSelfService Plus to reset the user session status. 

Steps to be followed to change the session status

·         Navigate to Admin tab → Product Settings → Connections.

·         Click the blue question mark bubble near the Deny Concurrent Login checkbox.

·         A dialog box with an alert message will pop up. 

·         Select the click here link in the message to reset the session status of the users.Once enabled, the user can now log into their ADSelfServicePlus portal again even if the previous sessions were terminated incorrectly, without waiting for the idle session time to expire. 

·         Click Save.

 

                            

Like this tip? Get the most of ADSelfService Plus by checking out more tips and tricks here.

 
        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial





                            Related Products