gControl Session Timeout Settings
Many a times IT administrators want that if users are using any Google service, and have kept it Idle for a while it should automatically log off. But none of the Google service has this feature. It keeps users signed in as long as they want. gControl offers a solution for this through chrome extension.
Session Timeout is a chrome extension built by Cloudcodes. Hence for this feature to work, user should be accessing the emails via chrome browser and they should have this extension applied on the browser. gControl provides 2 ways of applying extension. To manage the way extension gets applied, administrator can log into gControl control panel and select the “Advanced Setting” option from the quick links on right. In advanced settings go to “gControl Chrome Extension Setting” tab.
You will have 2 options.
-
User Managed: This is the default option. In case of User Managed, user needs to install the extension himself. If the user in Session Timeout policy tries to login, he will not be allowed to log in until the user installs the extension. He will get a prompt in the login page to install extension and a link which will take him to the web store from where he can apply the extension on the browser.
-
Admin Managed: Admin can push the extension to users chrome browser. The instructions to push the extension are shown when the administrator selects the admin managed option as shown below
Note: For admin managed extension to take effect, the end user has to log into chrome at least once.
To get started with creation of Session Timeout policy, get into gControl control panel. Select Gmail Block Settings option from the quick links on right. You will see the following screen
Click on ADD POLICY to get started with Policy creation. You will see the following screen
Fill in the policy details.
-
Title: Name your policy to easily identify it later when you want to make changes.
-
Description: Short description for helping understand the policy if more than one admin is managing the account.
-
Enabled: For some reason if you want the policy to be disabled for some time and re enable it , you can do it using the “Enabled” option’s On and Off button as shown above.
-
Valid Always: You can decide the validity of the policy with Valid Always button. Toggling this you can say whether you want a policy for a stipulated time or a policy which is always applied.
-
Valid From and Valid To: If Valid Always is off, then you will have to provide the date range for which the policy needs to be applied. This way admin need not manually turn off the policy.
-
Session Timeout: By default the option is set to Do not Logout. Admin can choose the Time (in Minutes/Hours) for the user to be logged out of teh session.
-
Show Message: IF this option is checked, user will see a message before getting logged out.
-
Type: You need to select whether your policy is User based or Organization Unit Based. Based on the option selected, the add user section will allow you to add users to the policy. Please note a policy can either be user based or OU based. Once saved, type cannot be changed. And users cannot duplicate across policies.
-
Add User: In this section you can define the users on which this policy should be applied.
-
User Based: This will allow you to add individual users one by one or in bulk via csv. You can also chose all domain users option where all your users would be covered under the same policy.
Add User option will allow you to add users one by one (by providing their domain email id). Import csv will allow you to import a csv of users, so that you can add multiple users at the same time.
-
Organization Unit Based: Following image shows applying of the OU based policy.
All the OUs of your Google apps domain gets listed here and you can apply policy on any OU of your choice. The cross marks (stricken OU names) that you see on the OUs, depicts that these OUs are part of other policies. Hence as mentioned before, the system does not allow duplication of users/OUs.
Note: When the session timeout occurs, user will be logged out of all Google apps accounts on the browser.