08-06-2015 09:29 AM - edited 02-21-2020 08:23 PM
Hello
- Windows 7 Ultimate 64bit, all updates applied.
- Cisco AnyConnect Secure Mobility Client version 3.1.0809
Since installing the above Cisco product I can no longer switch users on my Windows 7 PC. When attempting to do so I get a message saying Logon Denied - only one user session is allowed.
Can someone please advise how I can use this Cisco product and enjoy the user-switching capabilities of Windows.
Thank you
P.S. This has nothing to do with disabling of fast user switching, the enabling of which is well documented online.
09-02-2015 01:50 PM
Same problems here
- Windows 7 Pro 64bit, all updates applied.
- Cisco AnyConnect Secure Mobility Client version 3.1.05178
Can anyone at Cisco please help since most of our users use this user-switching capabilities of Windows. Thanks
09-02-2015 09:32 PM
Do you have NAM module installed on the PC?
Also "AnyConnect is not compatible with fast user switching."
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/anyconnectadmin31/ac03vpn.html#pgfId-1524170
Microsoft Windows allows multiple users to be logged on concurrently, but AnyConnect Network Access Manager restricts network authentication to a single user. AnyConnect Network Access Manager can only be active for one user per desktop/server, regardless of how many users are logged on. For configuring multiple sign-on it is required to change the registry key in Windows.
10-12-2017 05:48 AM
Just in case anyone was wondering what the registry fix is and where to find it.
Microsoft Windows allows multiple users to be logged on concurrently, but Cisco AnyConnect Network Access Manager restricts network authentication to a single user. AnyConnect Network Access Manager can be active for one user per desktop or server, regardless of how many users are logged on. Single user login enforcement implies that only one user can be logged in to the system at any one time and that administrators cannot force the currently logged-in user to log off.
When the Network Access Manager client module is installed on Windows desktops, the default behavior is to enforce single user logon. When installed on servers, the default behavior is to relax the single user login enforcement. In either case, you can modify or add a registry to change the default behavior.
Windows administrators are restricted from forcing currently logged-on users to log off.
RDP to a connected workstation is supported for the same user.
To be considered the same user, credentials must be in the same format. For example, user/example is not the same as user@example.com.
Smart-card users must also have the same PIN to be considered the same user.
To change how a Windows workstation or server handles multiple users, change the value of EnforceSingleLogon in the registry.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{B12744B8-5BB7-463a-B85E-BB7627E73002}
To configure single or multiple user logon, add a DWORD named EnforceSingleLogon, and give it a value of 1 or 0.
11-09-2021 06:56 AM
How can i logon to change the registry key?
10-29-2018 08:28 AM
10-03-2019 12:55 PM
same here
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide