Session Management

The Sessions option on the menu bar allows several production-stage administrative activities:
capam32
HID_SessionPanel
The 
Sessions
 option on the menu bar allows several production-stage administrative activities:
  • Manage Sessions
     – View and control (authenticate/terminate/record) user login and connection sessions.
  • Logs
     – View the session log entries, which show user session activity.
  • Session Recordings
     – View a list of recordings, and optionally view any recording (in a separate viewer application).
View the List of Managed Sessions
The 
Manage Sessions
 page shows a list of the current user sessions. The columns in the table include:
  • User:
     Shows the login session for a specific user.
  • Duration: 
    Indicates a single instance of a connection to a device within a login session. A single line-item within a User login item represents a session. Each user login can independently establish a session with a device. As with similar lists throughout the Administration menus, the list can be ordered on any user login column.
  • Timeout: 
    Indicates the time remaining until the login session times out. After the session expires, the user is automatically logged out.
  • Type -
    Describes the session type, such as Access.
  • Authentication Type
    - Indicates whether authentication is local or remote.
  • Connections
    - Shows the number of connections that are made by a user.
Idle time is the duration in which there is no communication between the client UI and
Privileged Access Manager
.
Do not confuse the Timeout setting for the user session with the Login Timeout global setting. If Login Timeout is set to zero at the time the user session is established, the Timeout value for the session is always “NEVER”.
When the corresponding Login Session begins an active Connection Session, the Timeout countdown is suspended. In place of the current Timeout value, there is a 
UNDVC
 placeholder. When every active session closes, the Timeout countdown resets to the global Login Timeout value, and a new countdown begins. When the Timeout value is changed while a Login Session is active, that Login Session continues to use the previous Timeout value.
Manage Individual User Sessions
From the
Manage Sessions
page, you can select a currently logged-in user from the list and take the following actions:
  • View
    – Select View to display information about the user, such as name, email, 
  • Logout 
    – Select Logout to terminate the session for the user.
  • Re-authenticate
    - Select Reauthenticate to force the user to log in again. Forcing users to reauthenticate suspends any active applets. This setting also stops the ability to perform administrative function until you give your password. After you provide your password, your session resumes where you left off.
Manage Sessions Using Selected Criteria
The
 I WOULD LIKE TO
 button on the Sessions page lets you control user and device connection sessions for one or more sessions. For instructions about using this control, go to Manage Sessions Based on Specific Criteria.