The following example will use the values for setting the timeout to be 1 hour / 60 minutes.
The suggested values are:
60 minutes - Application pool
90 minutes - Default Web Site
60 minutes - SelfService or Helpdesk Site
Suggestion is to use same value for Application pool and either the SelfService or Helpdesk and make sure that the Default Web Site value is more than those two values.
NOTE: Once the following steps have been carried out it will be necessary to Restart the Password Manager service and to perform an IISReset for the changes to take effect.
Before making any changes to the files noted below, copy them to a safe location for backup purposes.
WORKAROUND
Here are the steps needed to change the timeout value for either the Self Service or Helpdesk web applications.
- On the Password Manager Server open Internet Information Services (IIS).
- Click on the Application Pools in the left pane.
- Right click on the PMHelpdesk or the PMUser application in the middle pane of IIS and select Advanced Settings.
For 5.5.3 and below: Right click on the QPMHelpdesk or the QPMUser application in the middle pane of IIS and select Advanced Settings.
- In the section labelled Process Model locate the Idle Time-out (minutes) value.
- Change the value to 60 minutes and click OK.
- Click on Default Web Site in the Connections section on the left.
- Open Session State in the middle pane.
- Scroll down to the section for Cookie Settings and change the Time-out value to 90 minutes.
- In the left pane of IIS click the + sign next to Default Web Site and choose PMHelpdesk or PMUser.
- Open Session State in the middle pane.
- Scroll down to the Cookie Settings section and change the Time-out value to 60 minutes.
- Close IIS.
- Open Windows Explorer and navigate to C:\Program Files\One Identity\Password Manager\Web\Helpdesk
Or \User for the Self Service site - Open Web.config in Notepad or similar
- Search for sessionstate
Note: The line is: <sessionState mode="InProc" timeout="20" /> - Change the value of 20 to 60
- Search for timeout again and change the value of 20 to 60
Note: The line is: <forms loginUrl="~/authentication/login" timeout="20" /> - Search again for timeout and change receiveTimeout="00:30:00" to receiveTimeout="01:00:00"
For reference, the complete line and section is:
<netTcpBinding>
<binding name="clientBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:30:00" sendTimeout="00:01:00" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="262144">
Note: Do not enter anything higher than 59 in the minutes and seconds sections. The values are HH:MM:SS (Hours, Minutes, Seconds) - Save and close the file (Web.config)
In Windows Explorer navigate to C:\Program Files\One Identity\Password Manager\Service - Open QPM.Service.Host.exe.config in Notepad or similar
- Search for <binding name="QPM.Service.Services.HelpdeskService.Binding"
- On this line, change the default receiveTimeOut value to "01:00:00" (1 hour)
- Search again for <binding name="QPM.Service.Services.HelpdeskService.Binding"
Note: The second section is just below the first one - On this line, change the default receiveTimeOut value to "01:00:00"
- Also in this section, change inactivityTimeout to "01:00:00"
- Save and close the file
- Open a Command Prompt as Administrator and run iisreset