Hello everyone, I am having an issue in my environment. We have 2 RDS assets that have a load balancer between the PS Server and them, and the session hijacking is occurring only on application sessions. The access policies are already in the configuration to log off on disconnect, force termination and enhanced session auditing. I tested some ports in the load balancer that are used to deploy the ESA service, 445 and 139, and both were blocked, but even after the release the problem persisted. Not all sessions suffer from this problem of session stealing, but it is a significant number that is impacting the experience of using the tool. Can someone help me with any other alternative to avoid this problem?

Thanks

Another alternative is to use GPO to log off idle Remote Desktop Services sessions.


I would use the “Restrict Remote Desktop Services users to a single RDP session” GPO set to disabled:

“If you disable this policy setting, users are allowed to make unlimited simultaneous remote connections by using Remote Desktop Services.”

It’s in Computer > Admin > Windows Components > RDS > RDSH > Connections

You should also set an idle timeout so as not to allow a build up of stale sessions.

That’s in Computer > Admin > Windows Components > RDS > RDSH > Session Time Limits.

So you will see your FA or MA (depending on how the application is set up) multiple times:
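An added example, not part of the original replies: a PowerShell check of which of the GPO settings mentioned in this thread are actually in effect on an RD Session Host. It assumes the settings arrive as computer policy under the registry key shown; the function name `Get-RdsSessionPolicy` is hypothetical.

```powershell
# Added example, not from the thread. Get-RdsSessionPolicy is a hypothetical name.
# Assumption: the settings are applied as computer policy, which stores them
# under this registry key on the RD Session Host.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

function Get-RdsSessionPolicy {
    param([string]$Path = $PolicyKey)

    # A missing key or value means the GPO setting is "Not configured".
    $key = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue

    $settings = [ordered]@{
        fSingleSessionPerUser = 'Restrict Remote Desktop Services users to a single session'
        MaxIdleTime           = 'Time limit for active but idle sessions'
        MaxDisconnectionTime  = 'Time limit for disconnected sessions'
    }

    foreach ($name in $settings.Keys) {
        $prop = if ($key) { $key.PSObject.Properties[$name] } else { $null }
        $raw  = if ($prop) { [int64]$prop.Value } else { $null }

        $effective = if ($null -eq $raw) {
            'Not configured'
        } elseif ($name -eq 'fSingleSessionPerUser') {
            if ($raw -eq 0) { 'Disabled: multiple sessions per user allowed' }
            else            { 'Enabled: one session per user' }
        } elseif ($raw -eq 0) {
            'Never'
        } else {
            # Time limits are stored in milliseconds.
            '{0} minutes' -f ($raw / 60000)
        }

        [pscustomobject]@{
            Setting   = $settings[$name]
            ValueName = $name
            Effective = $effective
            # True when policy enforces no limit, so stale sessions can build up.
            StaleRisk = ($name -ne 'fSingleSessionPerUser') -and
                        ($effective -in 'Not configured', 'Never')
        }
    }
}

Get-RdsSessionPolicy | Format-Table -AutoSize -Wrap
```

Run it on each RDS host behind the load balancer and compare the output, since a host that did not receive the GPO will report "Not configured" while the others show the intended values.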