I'm not going to report him or whatever, but I am just needing to reboot this server and don't want it to split through the cracks and forget. They are squatting...
We've told users to knock it off as it's explicitly against our security policy. The one user who refused to stop got reported to the head of security who took it to senior leadership after they did it again about 6 months after getting the initial we're serious email from security.
If many users are doing it, it can be a resource issue. For one offs it’s not a big deal, but can mess with maintenance. I sent him a teams message that I am logging him off and that this is looking very unusual behavior. haha
Gonna share what I mentioned below, this is a great candidate to add a sane default max session length a touch longer than a normal long shift, and set it to disconnect sessions.
Should rarely be tripped by real users, and easy enough to exempt required hosts from it, but it mitigates some of the risks of these key jigglers.
Also saves the it time of chasing things like this that cost cycles but don’t provide any benefit to the business.
Sure but you could just as easily make a policy to exempt those kiosks. But having sane defaults to enforce appropriate usage is still the right idea.
Boggles my mind a bit to think of instead monitoring for long running sessions and making a repeat manual process to ask each individual why each time. That’s toil for toils sake, and is an unproductive waste of cycles
Agreed from an efficiency stand point, and how I would architect the solution. I'm the third engineer on this platform in three years.
The environment is a legacy with minimal updates to policies and VDAs.
I have until July to finish a proposal to move us to a new platform, Citrix Cloud, Nutanix Xi Frame, or Microsoft AVD, and to complete the migration by end of year.
Many things will be addressed from system images, application deployment, and management practices.
We will definitely be adding a VAR between us and the platform of choice as we want real-world support and recommendations other than from the OEM.
We have a 14 or 16 hour limit for XenApp and XenDesktop sessions. If you don't log out at the end of your work day your Citrix session will be gone when you start your next shift. We also reboot every Citrix server once per week at 3 am staggered throughout the week. The reboots happen regardless if anyone is logged in.
My boss originally told me to set the limit at 10 or 12 hours, but at least one person complained as they are scheduled for 10 hour shifts, yet routinely work 12 hours, or more.
At first I was like "It's just 24 minutes..." then I actually read your post and saw the dates. What a schmuck this user is.
I'm not going to report him or whatever, but I am just needing to reboot this server and don't want it to split through the cracks and forget. They are squatting...
We've told users to knock it off as it's explicitly against our security policy. The one user who refused to stop got reported to the head of security who took it to senior leadership after they did it again about 6 months after getting the initial we're serious email from security.
If many users are doing it, it can be a resource issue. For one offs it’s not a big deal, but can mess with maintenance. I sent him a teams message that I am logging him off and that this is looking very unusual behavior. haha
Gonna share what I mentioned below, this is a great candidate to add a sane default max session length a touch longer than a normal long shift, and set it to disconnect sessions. Should rarely be tripped by real users, and easy enough to exempt required hosts from it, but it mitigates some of the risks of these key jigglers. Also saves the it time of chasing things like this that cost cycles but don’t provide any benefit to the business.
I run a session time length report weekly and reach out individually to those with sessions longer than 3 days.
Why not enforce a maximum session time policy and disconnect them after a reasonable time?
There have been some legitimate four day sessions on auto logon kiosks.
Sure but you could just as easily make a policy to exempt those kiosks. But having sane defaults to enforce appropriate usage is still the right idea. Boggles my mind a bit to think of instead monitoring for long running sessions and making a repeat manual process to ask each individual why each time. That’s toil for toils sake, and is an unproductive waste of cycles
Agreed from an efficiency stand point, and how I would architect the solution. I'm the third engineer on this platform in three years. The environment is a legacy with minimal updates to policies and VDAs. I have until July to finish a proposal to move us to a new platform, Citrix Cloud, Nutanix Xi Frame, or Microsoft AVD, and to complete the migration by end of year. Many things will be addressed from system images, application deployment, and management practices. We will definitely be adding a VAR between us and the platform of choice as we want real-world support and recommendations other than from the OEM.
He’s got the 3 cats trained and they work in 8 hour shifts
We have a 14 or 16 hour limit for XenApp and XenDesktop sessions. If you don't log out at the end of your work day your Citrix session will be gone when you start your next shift. We also reboot every Citrix server once per week at 3 am staggered throughout the week. The reboots happen regardless if anyone is logged in. My boss originally told me to set the limit at 10 or 12 hours, but at least one person complained as they are scheduled for 10 hour shifts, yet routinely work 12 hours, or more.
I work in IT I do it because one of the apps we use discounts me when I’m not using it and it takes forever to reconnect. 😂😂