V-255340
Microsoft Azure SQL Database Security Technical Implementation Guide
Title
Azure SQL Database must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect.
Description
<VulnDiscussion>This addresses the termination of user-initiated logical sessions in contrast to the termination of network connections that are associated with communications sessions (i.e., network disconnect). A logical session (for local, network, and remote access) is initiated whenever a user (or process acting on behalf of a user) accesses an organizational information system. Such user sessions can be terminated (and thus terminate user access) without terminating network sessions. Ses...
Fix Text (Documentation Requirement)
Determine the situations when a user-initiated database session must be terminated.

Note: The user running the commands shown below requires the KILL DATABASE CONNECTION permission. The server-level principal login has the KILL DATABASE CONNECTION permission.

In SQL Server Management Studio, as an authenticated user connected to the master database, run the following command to list all user sessions:

SELECT c.session_id, host_name, program_name, nt_domain, login_name, connect_time, last_request_end_time
FROM sys.dm_exec_sessions AS s
JOIN sys.dm_exec_connections AS c ON s.session_id = c.session_id;

https://docs.microsoft.com/en-us/sql/relational-databases/system-dynamic-management-views/sys-dm-exec-sessions-transact-sql?view=azuresqldb-current

Example output: 76 MyComputer Microsoft SQL ...
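The session listing above can be narrowed to the sessions that meet a termination condition. The query below is an added example, not part of the STIG text: it assumes the organization-defined condition is an idle period, and the 30-minute threshold, the computed column names and the generated KILL text are illustrative assumptions.

```sql
-- Added example (not STIG text): list user sessions idle beyond an assumed threshold.
DECLARE @idle_minutes int = 30;  -- assumption: substitute the organization-defined limit

SELECT
    s.session_id,
    s.login_name,
    s.host_name,
    s.program_name,
    c.connect_time,
    s.last_request_end_time,
    -- Minutes since the session's last request completed.
    DATEDIFF(MINUTE, s.last_request_end_time, GETDATE()) AS idle_minutes,
    -- A non-zero value means terminating the session rolls back open work.
    s.open_transaction_count,
    -- Statement text for an administrator to review before running.
    CONCAT('KILL ', s.session_id, ';') AS review_then_run
FROM sys.dm_exec_sessions AS s
JOIN sys.dm_exec_connections AS c
    ON s.session_id = c.session_id
WHERE s.is_user_process = 1          -- skip system sessions
  AND s.session_id <> @@SPID         -- never list the session running this query
  AND s.status = 'sleeping'          -- no request currently executing
  AND s.last_request_end_time < DATEADD(MINUTE, -@idle_minutes, GETDATE())
ORDER BY s.last_request_end_time;
```

The query only reports candidates; running a generated statement requires the KILL DATABASE CONNECTION permission noted above.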