Windows Authentication users may experience issues with the number of concurrent users exceeding the maximum license count. Temporary solutions include SQL scripts to purge the USR_SESSION table or an increase in the number of concurrent licenses which involves a new license key. A more permanent solution is available and is described below. It requires a stored procedure modification which is considered a customization and will be replaced anytime there is a software upgrade. It is the Essential administrator's responsibility to manage customizations when they are implemented.
For instruction on Windows authentication session management, click the following links or use the scroll bar to scan the page.
|
|
|
|
|
The USR_SESSION table, as its name suggests, stores user session information in your Essential database. Data is fed to this table based on when users log in and whether or not they are Windows authentication users.
User sessions in Essential are managed in two places.
The duration of the sessions by the web server is set in the Configuration Utility, ConfigureAppSettings.aspx. Application authentication users are expired based on the SessionTimeOut configuration setting.
The timeout of maintaining the session data in the database is controlled by the RemoveExpiredSessions stored procedure. The default timeout is configured to expire Windows authentication users after 24 hours of inactivity. A modification can be made to the stored procedure to reduce the amount of time that a Windows authentication user is logged in. If this change is made, it is considered a customization and the value will be replaced anytime there is a software upgrade. It is the responsibility of the Essential administrator to manage customizations.
To resolve license exceedance issues for concurrent Windows authentication users, configure the SessionTimeOut setting to match the setting in the RemoveExpiredSessions stored procedure. The key difference to keep in mind is the duration for the SessionTimeOut is minutes while the duration in the stored procedure is hours.
Use the Configuration Utility to modify the SessionTimeOut configuration setting. The value entered represents the number of minutes the application will wait for user activity before automatically ending the user's session and requiring the user to log in again. The duration entered should closely match the duration entered for the RemoveEspiredSessions stored procedure when resolving license exceedance issues for concurrent Windows authentication users. Session durations are entered in minutes for the SessionTimeOut setting and in hours for the RemoveExpiredSessions stored procedure.
Note:
Refer to Configurable Settings
for additional information about the Configuration Utility.
To
modify the SessionTimeOut setting
Navigate to http://localhost/<your application root>/configureappsettings.aspx on the web server. (localhost must be used; the server name cannot be specified nor can the utility be accessed remotely).
Choose the E6Engine option from the list for the Select Module to Configure field.
Select the SessionTimeOut setting in the Module Settings Preview list. The currently selected setting is displayed in the Key Name field. A description is provided in the Key Description field.
Enter the appropriate duration in minutes in the Key Value field.
Click Save Setting.
Caution: Before any modifications are made to your database,
consult with your database administrator and perform a backup of your
database.
A modification can be made to the DELETE statement for the USR_SESSION table in the RemoveExpiredSessions stored procedure to reduce the amount of time a Windows authentication user is logged in. The default expires Windows authentication users after 24 hours of inactivity. If a change is made to the stored procedure, it is considered a customization and the value will be replaced anytime there is a software upgrade. It is the responsibility of the Essential administrator to manage customizations.
The session duration entered for the stored procedure should closely match the duration entered for the SessionTimeOut configuration setting. Session durations are entered in minutes for the SessionTimeOut configuration setting and in hours for the RemoveExpiredSessions stored procedure.
Consider active users when modifying the stored procedure. Some Windows authentication users may be required to log in again if they have been inactive longer than the modified duration.
To
modify RemoveExpiredSessions stored procedure
Navigate to your database and locate the RemoveExpiredSessions stored procedure.
Locate the DELETE
statement for the USR_SESSION table and change the DATEADD
(hour X, LAST_ACTION) value (X = the number of hours the application
will wait for user activity before automatically ending the user's
session and requiring the user to log in again).
In the example below, the number of hours has been changed from 24
to 2.
Save your changes.
