We want to require 100% of all non admin users to use the web client only. We need a way to detect unauthorized use of the Windows client and kill the session. Service Manager Version: 9.33 patch 7 What is the best practice to block Windows client logging in and be able to kill that session?
We can use the login.DEFAULT format control to perform this action. Basically a calculation will create a new variable that will take the value of "true" if the user trying to login is a SysAdmin and the value of "false" if the user is not a SysAdmin. The same variable will be used in a validation to send an error message saying "You are not authorized to use the windows client" to the non SysAdmins. Additionally, a subroutine will be execute to call the logoff RAD application when the variable takes the value of "false" Follow these steps to accomplish this request:
-Login as admin
-Type "fc" in the command line
-Search "login.DEFAULT"
-Go to calculations and add a new line as follows:
*add: true
*calculation: $cantAccess=true;if ($G.user.role~="system administrator" and sysinfo.get("Environment")="scguiwswt") then ($cantAccess=false)
-Save the changes
-Go to Validations
-Add a new validation as follows:
*Validation: $cantAccess
*Message: You are not authorized to use the windows client
*Add: $cantAccess=false
-Check the use pop-up messages
-Save the changes
-Go to Subroutines
-Add a new Soubroutine as follows:
*Application: logoff
*Add: $cantAccess=false
-Save the changes
This will deny the access to the non-system administrator users