Window server 2022: limit the number of concurrent logins from members of a security group

Question

We have a few hundred security groups with a different number of members each. We need to limit the use of our infrastructure to each group according to their needs and budget so that each group has a limit of simultaneous logins available for their users. For example, one group has 100 members, and we need to allow only 35 of those users to log in at the same time, while other group has 250 members, and we need to allow 50 of them to log in simultaneously, and so on.

What parameter can we configure in our AD to make this happen?

Thank you very much for your help.

Answer 1

Hi Rafael Funes 17,

Thank you for posting in the Microsoft Community Forums.

With the initial functionality of the server the odds are that your requirements are not achievable. It is not possible to control the number of concurrent logins per group with group policies, registries, etc.

You may need to write a script to periodically check the number of login sessions per security group and disconnect additional sessions when the preset limit is reached.

Or take advantage of utilizing a third-party tool, consider using a third-party IAM system, which typically provide a higher level of access control and session management capabilities, including concurrent login limits.

IAM systems can be integrated with AD, using AD as the identity source and providing additional access control policies on top of that.

At the network or server level, load balancers and session management tools can be used to limit the number of concurrent connections per security group.

These tools can assign and limit sessions based on a user's group affiliation, IP address, or other identifier.

But none of these are relevant to the initial functionality of the server.

Best regards

Neuvi