Is there any limitation in Tridion that would stop more than one physical user sharing a single Tridion account for logging in?
Tridion as far as I know wouldn't end the other session or log a user out if both logged on at the same time, for instance.
Our client is getting close to their licence limit and is looking several users sharing a single account. From a business perspective they'll lose the ability to really know who changed what - but there's no workflow in place.
Is this in breach of the Tridion licence to do this?
Cheers
Yes, multiple people can log onto the same Outlook.com account at the same time. You may also be better -if you are a business/organisation- to use Office 365. If your a non profit organisations, you are able to get Office 365 for free.
A shared email account is a single shared email address, often something like support@ or help@, that is used by multiple members of a team or company to send and receive email from a central inbox.
Multi-user accounts allow multiple users with individual logins and varying permissions to use the same account. Multi-user accounts need to be managed carefully using Privileged Account Management (PAM) or a Bastion server to avoid security risks associated with accountability.
A shared account is an account that can be accessed by multiple individuals to accomplish a single shared function, such as supporting the functionality of a process, system, device or application.
Tridion is a stateless application, so although there is authentication there is no concept of log-in or log-out. You could have problems if different users of the account tried to change the same item at the same time (have seen this in training session where a single account was used).
Yes, it would be a breach of the license conditions - typically this is done on a named-user basis, unless unlimited users were allowed (which would probably mean you wouldn't need to do this anyway).
You're right that it would probably work from the software point of view.
But I think we can guess the answer to your license question. After all, it sounds like they are looking at doing this to avoid paying money to SDL for the actual amount of users that they have. I'm not a lawyer but that doesn't sound like a good idea...
AFAIK SDL Tridion uses sessions bound to the browser, so it doesn't matter from that point of view how many of those session use the same user account. There is no option of loggin out, or ending a session for that matter either.
So yes multiple users can use the same user account but they pose themselves a risk. If user A checks out an item and starts working with this, user B (using the same SDL Tridion account as user A) can also open that item and will not get it in read-only mode (like you would if you were using a different account). So the versioning and locking of items are now bypassed and rendered useless.
Lastly this is indeed violating the license agreement as specified in the contract (unless there is an unlimited number of users granted in the contract).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With