Solved

Session timeouts using forms authentication

Posted on 2006-11-14
5
644 Views
Last Modified: 2013-11-24
We have a customer using CRM in a hosted environment, setup to use forms authentication.  They want their login to remain valid for one hour, but it currently times out right around 20 minutes.  We've set everything we can find in terms of timeouts, but nothing has changed this.  So far, this is what we have configured for timeouts:

* Website in IIS
**Connection timeout: 3600 seconds, HTTP Keep-alives enabled
**Running under ASP.NET 2.0.50727
**ASP.NET configuration: State Management: Session timeout set to 60 minutes (for main site, and Reports & ReportServer under Locations)
**Global ASP.NET configuration: State management: Session timeout set to 60 minutes

*CRMAppPool in IIS
**Recycle worker processes: 1740 minutes
**Shutdown worker processes after being idle: 1500 minutes

The cookie that users get when logging in is set to expire at the end of their session, so it doesn't seem to be a cookie expiration issue.  We've looked through CRM and haven't found anything relating to timeouts.  Any help is appreciated.
0
Comment
Question by:up2speed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 23

Expert Comment

by:rama_krishna580
ID: 17998491
Hi,

The session Timeout is a sliding expiration time, meaning whatever your page access session state, the expiration time will be moved forward. Note that as long as a page has NOT disabled session state, it will access the session automatically when requested.

One of the things that causes the session to expire is if the bin folder of the project is opened. So first please make sure that doesent happen. Also if the project solution on the server is build even that breaks the session.

Also you can check out these links:
http://forums.devx.com/showthread.php?threadid=99428
http://www.dotnetspider.com/Technology/QA/ViewQuestion.aspx?QuestionId=17
http://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/ASP_DOT_NET/Q_21084438.html

R.K
0
 

Author Comment

by:up2speed
ID: 18028313
Thanks for the reply.  Unfortunately, it doesn't help.  This is a 3rd party application, not something I wrote.  I don't need info on accessing the session state in an application; I need info on fixing MS CRM's buggy session state timeouts.  As I stated above, all session timeouts have been changed to 60 minutes, but it still times out after 20.
0
 

Author Comment

by:up2speed
ID: 18045947
We've figured this problem out.  The setting is actually stored in the registry on the web server.  The key is HKLM\Software\Microsoft\MSCRM\SessionExpirationMinutes, and is the number of minutes the session can be inactive before it expires.  There is also a list of other registry settings at http://msdn2.microsoft.com/en-us/library/aa683650.aspx
0
 
LVL 1

Accepted Solution

by:
DarthMod earned 0 total points
ID: 18077389
PAQd, 500 points refunded.

DarthMod
CS Moderator
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Oracle ADF PS_TXN Table is safe to truncate or delete? 5 2,590
data mapping 5 156
Looking for an ERP tradeshow/convention 2 122
File Server Audit - Identify Stale Files 2 71
If you have problems displaying reports in CRM after a new installation, review the following steps: Check that SQL Server Reporting Services is working On the server that has SQL Server Reporting Services (SQL SRS) installed, check that the S…
Messaging apps are amazing tools with the power to do a lot of good, but the truth is the process of collaborating with coworkers requires relationships established through meaningful communication - the kind of communication that only happens face-…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question