26.0 Limiting the Number of Concurrent Active Sessions

In Sentinel 8.2 SP3 or later, you can limit the number of concurrent active sessions you want to allow per user, tenant, or user and tenant. Limiting the number of sessions prevents attackers from launching sessions beyond the allowed limit, in case of an attack.

If you limit sessions per user and tenant, users will not be able to launch sessions after the total number of sessions launched by multiple users, reaches the limit allowed for the tenant.

Sentinel does not limit concurrent sessions, by default. You must configure this limit manually.

NOTE:This feature is available only in non MFA mode.

To limit the number of concurrent active sessions:

  1. Log in to the Sentinel server.

  2. Open the /<sentinel_installation_path>/etc/opt/novell/sentinel/config/configuration.properties file.

  3. (Conditional) To configure the limit per tenant, set the concurrent.overall.sessions property to a required value.

  4. (Conditional) To configure the limit per user, set the concurrent.per.user.sessions property to a required value.

  5. Save the file.

  6. Restart the Sentinel server.