We have a requirement of disabling the SFTP for Linux terminal and Drive Mapping for RDP. This can be achieved from the PAM UI under Global Settings > Applet Customization, following the below documentation:

• RDP Drive Mapping: When you enable this feature, a mouseover popup appears with a list of the mapped client Windows drives. Each available drive can be selected using a checkbox for mapping.
• SSH Terminal File Transfer: When "Enable SCP/SFTP" is selected, the MindTerm based SSH Access Method applet provides the menu items "Plugins, SFTP File Transfer" and "Plugins, SCP File Transfer". Each menu item invokes a new applet window to operate SFTP or SCP, which provides a file transfer interface. See Display and Access Devices for details on the controls.

We would like to know:

If the enabling the below option, is any downtime involved?

If the options are enabled by the PAM admin, will they be reflected in active sessions?

How can we force the changes to reflect in the active sessions immediately?

The change will become effective immediately for new RDP/SSH-sessions opened after the configuration change - no downtime / reboot / re-logon is needed of the PAM Server or the PAM Client.

To force closing existing sessions you can use PAM's Session Manager (Sessions / Manage Sessions)

- highlight the relevant user session

- use Logout / Re-authenticate to close the active User Session to PAM (this will also close all access sessions to RDP/SSH targets of this user)

- alternatively use View / Disconnect any Active Sessions to force closing the access sessions to RDP/SSH targets of this user only

We suggest to thoughtfully configure Login / Applet Timeout which will then close idle user sessions / target sessions, respectively.