User records contain all persistent cookies, SSO information, personal bookmarks, and other resource preferences for users who authenticate to the Pulse Connect Secure device. User Records are stored within each respective PCS Authentication server instance and can be viewed from Authentication > Auth. Servers > Users tab.
When a user signs in and is authenticated by a server instance on the PCS, a new user record will automatically be created and will be added to the list of users on the corresponding authentication server's "User" tab. The user record is stored on the backend authentication server (Active Directory, Novell, RSA, ACE, etc) and gets stored in cache on the PCS device. If a user record is deleted, it will be created again when the user signs in again. Local Authentication server instances are an exception, as the user accounts are stored on the PCS server rather than a corporate backend authentication server.
The device keeps a real-time count of all User Records (stored on the device). This can be displayed on the main dashboard page of the PCS going to System > Status > Overview and selecting Page Settings and enabling the option for State Storage.
If the user does not have any 'persistent' data, then their user record will subsequently be deleted from the PCS, about 15 minutes after the user logs out.
However, if any of the below criteria's are met, then the user record will remain 'persistent' and as a result, the user record will not be deleted and remain on the PCS, until forcefully deleted or until they no longer meet the criteria listed below:
- User belongs to the Local Authentication authentication server.
- User is allowed to add bookmarks for any of the access mechanisms (Web, Files, SAM, Terminal Services, Telnet/SSH).
- Persistent cookies and passwords are enabled for the user’s role.
- Single Sign-on (SSO) is enabled for this user.
- User account is quarantined.
- User is configured to be a 'Local Admin'.
- User uses the Secure Email feature.
- User has Secure Meetings scheduled.
- Enabling Show Last Login IP or Time causes all user records to be persistent.
Note: Last Login IP can be enabled in the PCS appliance under System > Configuration > Security > Miscellaneous.