Versions Compared

Old Version 4

changes.mady.by.user Josune Cordoba

Saved on

compared with

New Version 5

changes.mady.by.user Josune Cordoba

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

From NMIS 8.7.2 and OMK versions ... the following configurations are available. 

The configurations can work for both NMIS and OMK, but is a requisite that SSO is configured first

Limit the number of concurrent user sessions

This feature will limit the number of sessions that a user can open at the same time. 

Some specific considerations:

  • Keep in mind to close the user session. The session time out is for user inactivity: if the user doesn’t let the server know that the sessions should be closed, it does not have other way to know if the session should be closed. 
  • All the user sessions can be removed by using the nmis8 cli tool.

Global configurations

Should be specified in nmis (/usr/local/nmis8/conf/Config.nmis) and omk (/usr/local/omk/conf/opCommon.json) configuration: 

Code Block
'max_sessions_enabled' = true/false => False by default
'max_sessions' = 0...N => No default. Should be specified
'session_dir' => '<nmis_var>/nmis_system/user_session', => Don't need to change. Should be the same for OMK and NMIS.

The number of max sessions can be changed by user. This is a setting modified in the nmis users file, /usr/local/nmis8/conf/Users.nmis:

Code Block
  'testuser' => {
    'admission' => 'true',
    'groups' => 'network,123,ABC_Corp,Amazon,Any_Company,Branches,Cloud,Core_Network,DataC$
    'privilege' => 'operator',
    'user' => 'testuser',
    'max_sessions' => 10
  },


How to remove the sessions for one user

It is possible to remove all the open session for an user, using the nmis cli tool: 

Code Block
/usr/local/nmis8/bin/nmis.pl type=clean_sessions user=USERNAME debug=1


Block a user not logged in certain period of time

It is possible to block a user if has not logged in for a specified period of time. For example, when set to 3 months, the system will lock an user is has not logged in in the last 3 months. 

  • If an user is not logged in, won't be locked. 
  • The last login time for an user will only be tracked once this versions are update. 

How to set up one account so the user is never locked

Just set up the user setting to 0. 

In /usr/local/nmis8/conf/Users.nmis:

Code Block
  'nmis' => {
    'admission' => 'true',
    'groups' => 'all',
    'privilege' => 'administrator',
    'user' => 'nmis'
    'expire_at' => 0
  },


How to unlock an user

You can use the nmis cli tool. It should be run as root:

Code Block
sudo /usr/local/nmis8/bin/nmis.pl type=unlock_user user=USERNAME debug=1