使用ADFS的SharePoint 2013声明身份验证不活动超时设置 [英] SharePoint 2013 using ADFS Claims Authentication inactivity timeout settings

问题描述

你好，

我有一个SP 2013服务器场，该服务器场使用对ADFS的声明身份验证.另外，我可以控制的ADFS从我们域外的ADFS传递SAML令牌.那里 令牌寿命为60.

所需的结果是，用户将在15分钟后退出的闲置状态.

我不想将会话设置为15分钟后超时.我只希望用户不活跃时超时.

当我将ADFS RelyingPartyTrust令牌有效期设置为17并将SharePoint设置为LogonTokenCacheExpirationWindow设置为2，

那不是15分钟的闲置超时时间吗?还是将令牌的寿命设置为15分钟(即使用户仍处于活动状态)?

如果是这样，我如何才能达到15分钟的超时时间，只有用户在15分钟内什么也不做?

解决方案

图里安，

目前，无法实现您的目的

您的将SAML令牌生存期设置为17分钟，而登录令牌缓存将保留2分钟"会导致15分钟的令牌寿命 用户是否处于活动状态.

最好的问候，

艾伦·白

Hello,

I have a SP 2013 farm that uses claims authentication with ADFS. Also, the ADFS I have control over passes the SAML tokens from an ADFS that is outside of our domain. There token lifetime is 60.

The desired result is that the user would be logged out after 15 minutes of inactivity. 

I do not want to set the session to timeout after 15 minutes. I only want the timeout if the user is inactive. 

When I set the ADFS RelyingPartyTrust token lifetime to 17 and the SharePoint LogonTokenCacheExpirationWindow to 2,

shouldn't that be a 15 minute inactivity timeout? Or is that setting the life of the token to 15 minutes, even if the user is still active? 

If so, how would I achieve a 15 minute timeout, ONLY if the user does nothing for 15 minutes?

解决方案

Hi Turian,

Currently, it is not possible to achieve your purpose.

Your solution that "Set SAML token lifetime to 17 minutes, and Logon token cache to 2 minutes" will cause 15 minutes token life time for whatever users are active or not.

Best regards,

Allen Bai

这篇关于使用ADFS的SharePoint 2013声明身份验证不活动超时设置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！