Upgrading SessionLimit to 2.2.1

SessionLimit 2.2.1 includes all capabilities of version 2.2.0, and additionally completes the transition to the .NET 10 platform. For this reason, it is strongly recommended to install or upgrade directly to 2.2.1 rather than deploying 2.2.0.

During this upgrade process, several key changes are applied, including updating the underlying .NET runtime, applying modifications to the database schema, and refreshing application components to align with the new platform dependencies. The upgrade procedure ensures that existing configurations, policies, and audit history are preserved while the system is migrated to the improved runtime and feature set.

Administrators performing the upgrade should follow the documented steps carefully and validate their environment prerequisites before initiating the process. Once completed, the system will operate on the latest SessionLimit architecture with enhanced performance, security, and long-term platform compatibility.

What’s New in 2.2.1

Server-Side Enhancements

This release introduces significant improvements on the server-side platform, focusing on authentication control, directory efficiency, system resiliency, and administrative visibility:

  • Time-Based Session Limit The server now centrally enforces time-based access rules, including working-hour policies, daily session caps, and automatic session termination. These policies are distributed to all agents and actively monitored by the SessionLimit server.

  • Offline 2FA Authentication In scenarios where a client machine cannot reach the SessionLimit server—such as network isolation, VPN unavailability, or restricted environments—the user may still be required to authenticate with 2FA based on policy. For this purpose, SessionLimit introduces fully offline-capable 2FA validation. The agent can locally verify time-based TOTP codes without server connectivity, ensuring that authentication enforcement continues even when the platform is offline. This maintains security expectations and guarantees consistent policy enforcement regardless of network availability.

  • External 2FA Provider Support SessionLimit Server can integrate with external MFA frameworks such as identity verification services, SMS gateways, directory-based MFA providers, or enterprise-level MFA infrastructure. This allows organizations to unify authentication policies across multiple identity systems.

  • Enhanced LDAP & Global Catalog Querying AD querying mechanisms have been optimized to utilize both LDAP and GC endpoints efficiently. The server now accelerates group resolution, cross-domain lookups, and large-directory enumeration with reduced latency and improved cache handling. Additionally, environments leveraging these improvements only need to update their directory connection ports accordingly: use 3268 instead of 389 for Global Catalog queries, and 3269 instead of 636 for secure GC over SSL.

  • Migration to .NET 10 Platform The server backend is now fully built on .NET 10, delivering performance benefits including better async processing, lower memory consumption, faster API throughput, and improved future compatibility with Microsoft’s long-term framework roadmap.

  • Separated 2FA Logging & Visibility In SessionLimit 2.2.1, 2FA-related login events are now separated from general session events in the user interface. Instead of mixing 2FA messages with standard logon/logoff and session activities, administrators can now view authentication challenges, code validations, failures, and offline 2FA actions in a dedicated 2FA Events panel. This improves clarity, reduces noise in event monitoring, and allows administrators to quickly focus on authentication behavior without filtering the main event stream.

Client-Side Enhancements

This release includes several improvements focused on the endpoint agent and its interaction with the SessionLimit server:

  • Traffic Compression Between Agent and Server Communication payloads exchanged over HTTPS channels are now compressed, reducing bandwidth usage and improving responsiveness, especially in distributed or WAN environments.

  • Client-Initiated SessionLimit Request Panel A new user-facing request panel allows users to send session extension or multi-session approval requests directly from the client side, providing a more transparent and controlled workflow for time-based and multi-session policies.

  • Offline 2FA and Offline Event Support The agent can now authenticate users using offline 2FA codes and queue session-related events locally when connectivity is unavailable. These events are securely synchronized once the server becomes reachable again.

  • Performance Optimizations Client-side execution paths, directory queries, cache usage, and authentication flow have been refined to enhance speed and minimize login delays.

  • Security Reinforcements General security hardening has been applied across both the agent and server components. This includes improvements in authentication handling, policy enforcement reliability, data protection controls, and overall system resilience against misuse or circumvention. These enhancements strengthen SessionLimit’s role as a secure access enforcement platform within enterprise environments.

Upgrade Instructions

Supported Upgrade Paths

  • You can upgrade to 2.2.1 from any previous SessionLimit version.

Prerequisites

  • Remove .NET Core 6 Hosting Bundle before upgrade.

  • Remove .NET Core 8 Hosting Bundle before upgrade.

  • Install .NET Core 10 Hosting Bundle before upgrade.

  • Ensure the following permissions:

    • db_owner on the SessionLimit database

    • Local Administrator on the SessionLimit server

Step-by-Step Upgrade Guide

  1. Run the Setup Application and click Install.

  2. After installation completes, click Finish.

  3. FTW.exe will start automatically. If not, manually run it from: C:\Program Files\SessionLimit Server 2.0\FTW\FTW.exe

  4. Click Yes when prompted to use the existing configuration file.

  5. Click Next on the Welcome screen.

  6. Select “Upgrade Existing SessionLimit 2.X.X to version 2.2.1” and click Next.

  7. Verify database information (update Server Name, Port, or DB Name if needed).

  8. Confirm there are no failed prerequisites (no red entries), then click Next.

  9. Once you see “Upgrade Completed Successfully”, click Close.

  10. Restart IIS via Internet Information Services (IIS Manager).

  11. Open the SessionLimit Management Portal and confirm version 2.2.1 is shown at the bottom of the interface.

For questions or feedback, feel free to contact the SessionLimit team.

PreviousUpgrading SessionLimit to 2.1.6NextFirst Time Wizard

Last updated