Ghost in the machine - user data from one session appears to another user at login a day later

I am trying to fully understand the session data ‘retention/persistence’ mechanisms and Epicor interplay with SSRS and Windows RDS. Slightly simplified model description: Client is installed on several load balanced client servers, separate SQL and Application servers.
Scenario: UserA has a session open and during the day experiences various issues such that UserA closes the client app/RDS session and waits a few minutes for the Epicor session to also close. UserA resumes work on a new session and all is well.
Nearly 24 hours later, UserB logs into the system with entirely different user credentials, and is immediately presented with a PDF of a report UserA tried to print the day before.
I know there are various sessions and temp files that make RDS possible and it has always been my understanding that those files and processes are contained within the User Profile folders for each user. How does a doc printed by one user persist for a day and then get presented to another user in a new session that that user initiated? It seems that this is a big security issue within Windows/RDS/Epicor/SSRS.
We have now seen this randomly a few times. Any guidance on tuning and/or an explanation at a deeper level would be much appreciated.

Not sure this is related, just something weird, similar I remember.

In this case Citrix was used to present E9, and when printing, a Citrix task record would be generated. In some cases that task record would not clear out… and these had a user NUMBER ID that was generated by the user's Citrix session.

Next day when some random user logged into E9, the Citrix user NUMBER ID that was generated would be a reused value. So… the report from some other user/day would display on this (the wrong) E9 user's session.

P.S.
I think the culprit was an ID in Citrix but… don’t hold me to it, was a really long time ago.
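
The ID-reuse failure described in the post above, as an added example that is not part of the original thread and is not Citrix or Epicor code: a constructed Python model in which a stale print task keyed only by a recycled session number is shown to the next holder of that number, next to a lookup that also checks the submitting account. `TaskStore`, `PrintTask`, `replay` and the session number 7 are hypothetical names and values.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class PrintTask:
    session_id: int   # small numeric ID, recycled by the session host (assumed)
    owner: str        # account that submitted the report
    report: str

class TaskStore:
    """Constructed model of a per-session print task queue."""
    def __init__(self, check_owner: bool):
        self.check_owner = check_owner
        self.tasks: dict[int, PrintTask] = {}

    def submit(self, session_id: int, owner: str, report: str) -> None:
        self.tasks[session_id] = PrintTask(session_id, owner, report)

    def logoff(self, session_id: int, clean: bool) -> None:
        # clean=False models the task record that "would not clear out"
        if clean:
            self.tasks.pop(session_id, None)

    def logon(self, session_id: int, user: str) -> Optional[str]:
        """Return the report presented to `user` at logon, if any."""
        task = self.tasks.get(session_id)
        if task is None:
            return None
        if self.check_owner and task.owner != user:
            # Stale record from a previous holder of this ID: purge, never display.
            del self.tasks[session_id]
            return None
        return task.report

def replay(check_owner: bool) -> Optional[str]:
    """Day 1: UserA prints and the record is left behind. Day 2: UserB gets ID 7."""
    store = TaskStore(check_owner)
    store.submit(7, "UserA", "UserA-report.pdf")
    store.logoff(7, clean=False)
    return store.logon(7, "UserB")

if __name__ == "__main__":
    print("keyed by ID only:   ", replay(False))
    print("keyed by ID + owner:", replay(True))
```
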

There is a setting you can use, I think in the sysconfig, that allows you to set up specific cache folders. Not sure if it would help.

Search on here for Session Manager as a Service.

Normally, the first RDS user to launch the client starts the Session Manager. Subsequent user sessions piggyback onto that Session Manager instance. Things can get squirrelly as different users log in and out.

Edit:

Here's a link to the Epicor KB:

https://epicorcs.service-now.com/epiccare?id=epiccare_kb_article&sys_id=b161ba40db2b6a04b3227e09af961903

Key info:

On an RDS server however, if the Session Manager is not running as a service the user who first launches Epicor “owns” the session manager (it is spawned from their session).

When this user closes Epicor, the session manager that was spawned from their session is also closed, affecting every other user who may still have an active Epicor session on that server. When that happens, it can cause unexpected results for the other users that logged in after the first user.

Emphasis mine

That’s a total gem…bookmarked for later reference. Thanks @ckrusen

This was shared with us at an EUG group. Not saying this is what is happening, but this post made me think of it.

https://epicorcs.service-now.com/epiccare?id=epiccare_kb_article&sys_id=60e3e841db811f086b16fa38bf9619b0

Thanks Folks! Awesome peer support!!! Looking into all these tips with our host. Really appreciate it.
With much appreciation,
-Henry