How to block Service Manager Windows clients from logging in?

Question

We want to require 100% of all non admin users to use the web client only. We need a way to detect unauthorized use of the Windows client and kill the session. Service Manager Version: 9.33 patch 7 What is the best practice to block Windows client logging in and be able to kill that session?

Answer 1

We can use the login.DEFAULT format control to perform this action. Basically a calculation will create a new variable that will take the value of "true" if the user trying to login is a SysAdmin and the value of "false" if the user is not a SysAdmin. The same variable will be used in a validation to send an error message saying "You are not authorized to use the windows client" to the non SysAdmins. Additionally, a subroutine will be execute to call the logoff RAD application when the variable takes the value of "false" Follow these steps to accomplish this request:

-Login as admin
-Type "fc" in the command line
-Search "login.DEFAULT"
-Go to calculations and add a new line as follows:

*add: true
*calculation: $cantAccess=true;if ($G.user.role~="system administrator" and sysinfo.get("Environment")="scguiwswt") then ($cantAccess=false)

-Save the changes
-Go to Validations
-Add a new validation as follows:

*Validation: $cantAccess
*Message: You are not authorized to use the windows client
*Add: $cantAccess=false

-Check the use pop-up messages
-Save the changes
-Go to Subroutines
-Add a new Soubroutine as follows:

*Application: logoff
*Add: $cantAccess=false

-Save the changes
This will deny the access to the non-system administrator users