Concurrent user sessions

A concurrent session occurs when multiple users access FortiPAM using the same account.

By default, a user account may be used to log in concurrently from multiple locations. For enhanced security, this setting can be disabled by disabling Concurrent Log-on in the Other General Setting pane in System > Settings. When you disable the setting, only one session is allowed per user.

See Settings.

Alternatively, in the CLI console, enter the following commands to disable concurrent login.

 config system global
  set admin-concurrent disable
 end

When an admin concurrent session is disabled:

• Additional concurrent admin sessions are blocked while an admin session is active (default)

  OR

• FortiPAM automatically terminates any previous sessions when the admin opens a new session.

This behavior can be changed when the admin-concurrent variable is disabled, allowing you to either block additional sessions or terminate (kick out) previous sessions when a new session is opened:

 config system global
  set admin-concurrent disable
  set admin-new-login-action {block | kick-out} #admin-new-login-action is only displayed when admin-concurrent is disabled, #default = block
 end

Alternatively, use the New Log-in Action option when Concurrent Log-on is disabled in System > Settings to:

• Block additional concurrent admin sessions while an admin session is active (default).

• Terminate any previous sessions when the admin opens a new session.

See Settings.