Session Lifecycle

The lifecycle properties at the top of the session node govern how long sessions live, how many a user may hold, whether they can reconnect, and the hard ceiling on session duration. These are among the highest-value, lowest-friction controls in a policy.

Editor Advanced → Session JSON  ·  JSON session

Properties

PropertyTypeDefaultMin / maxUnits / notes
idleTimeoutSeconds *integer60 – 86400seconds (1 min – 24 h). Inactivity before automatic disconnect. Required.
maxSessionsPerUser *integer1 – 10count. Concurrent sessions a single user may hold. Required.
allowReconnect *booleanAllow reconnection to an existing session. Required.
disconnectOnIdlebooleanfalseOn idle timeout, terminate the session (true) versus suspend it (false).
maxSessionDurationSecondsintegermin 300seconds. Hard cap on total session length regardless of activity.

The rest of the session node is documented separately: Remote Desktop & Audio, Recording, Drive Mappings and Session Isolation.

Sample

"session": {
  "idleTimeoutSeconds": 600,
  "maxSessionsPerUser": 1,
  "allowReconnect": false,
  "disconnectOnIdle": true,
  "maxSessionDurationSeconds": 3600
}
app.config.xml override

idleTimeoutSeconds and maxSessionDurationSeconds have global defaults in app.config.xml (<remoteDesktopSettings><idleTimeoutMinutes> and <maxSessionDurationMinutes>, expressed in minutes); policy wins when present and the seconds value is converted internally.

Tip

An idle timeout is the single most cost-effective control to set. It shrinks the window in which an unattended session could be misused and frees host capacity. Pair it with disconnectOnIdle: true for kiosk and contractor scenarios.