Session Lifecycle
The lifecycle properties at the top of the session node govern how long sessions live, how many a user may hold, whether they can reconnect, and the hard ceiling on session duration. These are among the highest-value, lowest-friction controls in a policy.
sessionProperties
| Property | Type | Default | Min / max | Units / notes |
|---|---|---|---|---|
idleTimeoutSeconds * | integer | — | 60 – 86400 | seconds (1 min – 24 h). Inactivity before automatic disconnect. Required. |
maxSessionsPerUser * | integer | — | 1 – 10 | count. Concurrent sessions a single user may hold. Required. |
allowReconnect * | boolean | — | — | Allow reconnection to an existing session. Required. |
disconnectOnIdle | boolean | false | — | On idle timeout, terminate the session (true) versus suspend it (false). |
maxSessionDurationSeconds | integer | — | min 300 | seconds. Hard cap on total session length regardless of activity. |
The rest of the session node is documented separately: Remote Desktop & Audio, Recording, Drive Mappings and Session Isolation.
Sample
"session": {
"idleTimeoutSeconds": 600,
"maxSessionsPerUser": 1,
"allowReconnect": false,
"disconnectOnIdle": true,
"maxSessionDurationSeconds": 3600
}
idleTimeoutSeconds and maxSessionDurationSeconds have global defaults in app.config.xml (<remoteDesktopSettings><idleTimeoutMinutes> and <maxSessionDurationMinutes>, expressed in minutes); policy wins when present and the seconds value is converted internally.
An idle timeout is the single most cost-effective control to set. It shrinks the window in which an unattended session could be misused and frees host capacity. Pair it with disconnectOnIdle: true for kiosk and contractor scenarios.