Active Directory has no innate method to limit simultaneous logins. There are some third party products that do, but they address workstation logins, not logins using LDAP as a front end.
If CAS has an ability to restrict simultaneous logins I am not aware of it. I've not been asked to do this. With users that have multiple devices - laptop, tablet, phones - simultaneous use restrictions are probably not practical, especially in the EDU environment I worked in. Someone that has used the radius module in CAS needs to fill in details on the following. There could be a way to use the CAS radius module to achieve this. I know that FreeRADIUS has the ability to restrict simultaneous logins. You can use FreeRADIUS with Active Directory as an LDAP authentication source. Setup wouldn't be trivial. From: Jayakumar Jayaraman [mailto:[email protected]] Sent: Thursday, February 26, 2015 4:38 AM To: [email protected] Subject: [cas-user] CAS - Prevent multiple simultaneous user login Hi Guys We use CAS along with Active directory on a Java environment. Do anyone know how to prevent multiple simultaneous login ? We have a requirement not to allow a user to login again simultaneously if he has already logged in. I tried to check the active directory attributes lastLogoff & lastLogon. But these values does not seems to have the updated values. Thanks Jay -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
