For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Apr 14, 2016

Hi,

you can :

  • Configure AD attributes like starthour and endhour with format : 8:00
  • create variable assign with following expression: 
    • session.custom.starthour = [clock scan [mcget {session.ad.last.attr.starthour}]]
    • session.custom.endhour = [clock scan [mcget {session.ad.last.attr.endhour}]]
  • check if starttime is in expected range with:

Branch expression

expr { [mcget {session.user.starttime}] >= [mcget {session.custom.starthour}] && [mcget {session.custom.endhour}] >= [mcget {session.user.starttime}] }
  • define max session timeout variable to disconnect user at expected hour

session.max_session_timeout =

expr { [mcget {session.custom.endhour}] - [mcget {session.user.starttime}] }

So, you can do what you want...