Menu
Is free
registration
home  /  Installation and configuration/ How to throw out 1s of all users. We expel users from the server infobase

How to throw out 1s of all users. We expel users from the server infobase

To carry out routine maintenance in the 1C: Enterprise 8 information base, it is often necessary to obtain monopoly access to the database. For example, to perform a database backup or perform routine maintenance on the DBMS server (reindexing, etc.), you must disconnect all active sessions.

Let's consider a simple way to disconnect users from the infobase using the standard functionality of the 1C: Enterprise server.

Standard functionality

I'll make a reservation right away that we will talk about the client-server version of 1C: Enterprise 8. To disconnect sessions, go to the server administration console. There we will find the required infobase in the list:

Going to the IB properties, set the "Session start blocking enabled" option. In this case, it may be necessary to enter the login / password of the infobase administrator account.

Remember to set the session lockout period. You should also consider that all background jobs must be stopped while the sessions are locked. This is done with the option "Blocking of scheduled tasks is enabled".

If necessary, you can set the text of the message to users to whom they will be notified 5 minutes before the session is blocked, as well as the permission code for entering the infobase during the session blocking period.

The authorization code can be used to enter the infobase to perform routine maintenance while other sessions are inactive. You need to enter the permission code when connecting to the database using the parameters. For example, this is how the parameter passed to the server will look like if the permission code is "123456".

Having entered the database in this way, we will get monopoly access to the information base. Other sessions will not be able to join us.

The notification to the user about blocking sessions looks like this (depending on the message entered by the administrator). It appears every minute 5 minutes before the blocking period.

At the beginning of the session blocking period, a notification appears first:

After the session ends.

You can also disconnect active sessions by removing them from the list of active sessions. This action is sometimes necessary to end hung sessions.

In practice, it is best to report disconnected users in advance to reduce the risk of losing data entered by users but not yet saved.

The need to force user shutdown occurs mainly in the following cases:

  • Updating the information base;
  • Adding a new metadata object to the configuration;
  • Carrying out preventive and repair work on the server;
  • A hung user session preventing the application from restarting.

In this article, we will try to tell you how to end a user session, what tools for performing this task are in the administrator's arsenal, what completion options are provided by the file, and which are the client-server version of 1C operation.

It is important to remember that data loss may occur if the session is forcibly terminated. So in order to avoid unpleasant situations, it is advisable to warn users in advance about the disconnection.

Closing sessions from the configurator

When changes are made to the database structure, dynamic configuration updates are not available. And an information window appears on the screen (Fig. 1).

The sequence of actions in this case is obvious:

  1. It is necessary to press the button "End sessions and repeat";
  2. Wait for the database restructuring window;
  3. Click "OK".

It should be noted that changes made to the program code do not require users to shut down; however, without restarting the application on each specific computer, they will not work on this device.

Ending sessions directly from the program

Most of the standard products of the company 1C of the eighth version have in their set a mechanism that allows you to remotely shut down the user without much difficulty and provide the administrator with exclusive access to the database. This is the "Blocking infobase connections" processing.

You can find it at one of two addresses:

  1. In one of the submenus of the "Service" section;
  2. Going to the section Operations-> Processing.

Fig. 2

The appearance of the processing is shown in Fig. 2.

Features of this processing:

  1. Checking and unchecking the checkbox, and clicking the "Record" button enables and disables blocking users, deleting sessions and preventing the creation of new connections;
  2. The blocking end time cannot be empty or less than its start time;
  3. In the case when the "Permission code" parameter is set, it can be written in the startup line, to ignore the blocking, by specifying "/ UC" before the code;
  4. If you do not specify the "Permission code", then before the expiration of the blocking period it will be problematic to get into the database (in the file mode of operation, you can try to delete the 1CVcdn file from the database folder);
  5. If, instead of the parameter "/ UС" and the password separated by a space, you specify "/ CAllowWorkUsers", where C is Latin, you can completely disable blocking for all users;
  6. Pressing the "Active users" button brings up a window with a complete list of users (Fig. 3), from where you can open the "Registration log" or end the session of each specific user.

Fig. 3

The above two options work fine in both file and client-server modes. Further we will consider cases typical only for server work.

Removing users from rdp

It is important to remember that disconnecting user sessions from servers is possible only if you have certain rights to this action.

When working from a remote desktop, you can end user sessions using the standard task manager. Simple interruption of sessions is a bit wrong, but quite effective way.

The second option is to use the task manager - a remote connection with the ability to control each specific session and exit the program according to all the rules. This method is long, and no one guarantees that while one user is logging out, the program will not be launched by some other employee.

Removing users via the server console

Having administrator rights for a 1C server cluster, you must:


Very often, when working in server mode, hung user sessions are not visible by means of the platform; they can only be deleted through the console.

The most radical way to interrupt sessions

A situation when the above methods did not work happens extremely rarely. But if it occurs, there is another radical way to interrupt connections to the database: physically restarting the server.

Of course, users who do not have time to finish their work and save the data will be extremely outraged by such a shameless attitude, but it is fast and extremely effective.

Hello Dmitry! Please teach me how to expel users forcibly from the database in order to update the configuration. Thanks in advance.

From user: Svetlana Nikolaevna

Hello, Svetlana Nikolaevna!

In order to expel users from the database, you need to have administrator rights.

We go to the section Administration, Support and service:

We choose Blocking users:


From the form, click on the button to view the list of active users.

We fill in the message that users will see on their screens, set the blocking interval (if you do not know the end time, leave the field blank). Set also unlock code since the blocking will also affect your active session, for example, install 1234 .

Push Set lock... A warning message will appear:


We agree. Now in the form it is written in red that the blocking will begin soon.


At this time, active users have the following window:


Closer to the beginning of the blockage, it begins to appear every minute:


The user needs to complete his work in the program and exit. If it does not exit on its own, the program will close automatically. When trying to enter the database, the user will receive the following warning:


The user who has set the block also receives a message:


Let's leave the base.

Because the blocking applies to all sessions of all users, we need to set the launch parameter (this is where we need Unlock code):



On the second tab, we write the parameter for launching the database (where 1234 is our code):


Click done. Now we can enter both the configurator and the user mode.

To unlock the base, you need to return to the lock form and press Unlock.


If the end date of the blocking has been set, then when it occurs, the blocking will end automatically.

- Vasya, from today you start users!
- But I'm a programmer, not a system administrator ?!
- Sysadmins do not know 1C, so you will start users!
- Aaaaa !!!

A programmer is a person who writes programs for a computer. However, the management of the list of users in 1C is usually entrusted to the one who is associated with 1C, namely the 1C programmer.

In principle, some programmers do not mind, since this gives them some "privileges" in their hands.

Nevertheless, the list of users in 1C does not differ much from the lists of users in other programs. Therefore, adding a new user or disconnecting an existing one is as easy as shelling pears.

1C users

So, 1C has its own list of users. With it, access to the 1C database is regulated. When entering the database, 1C will ask you to select a user from this list and enter a password.

There are options in which 1C does not ask for a username to log in. However, this does not mean anything at all . It's just that in this case, the user from the list is mapped to the Windows / domain user and is automatically detected. How

The only option when 1C does not really ask the user is when creating a new (empty) database. In this case, the list of 1C users is empty. Until the first user is added, 1C will log in automatically. A similar system is used in Windows with one user without a password.

1C users differ from each other:

  • Access rights
  • Interface (available in the menu items).

As such, there is no "superuser" or "group of administrators". An administrator is the user who has all rights in the configuration and administration rights enabled. In an empty database (when the list of users is still empty) - just such a user should be added first.

Two lists of 1C users

In fact, 1C has two lists of users. One of them (the list of 1C users) is "real" from the point of view of the programmer. It is located in the configurator. It is according to him that 1C determines the user.

This is the approach of the old typical configurations (for example, trade management 10, accounting 1.6, etc.) - users are edited in this list, and they are automatically added to the user guide when they first log in.

The second (users of version 1C 8.2, "not real") is the users directory (and the external users directory, as in ut 11). The reference book existed before, but the approach of the new typical configurations is that users start in it, and they automatically enter the "real" list.

The main problem of this approach is that those who do not like to work this way and want to do it the same way - they cannot do this, since certain fields are filled in at the establishment, and if you add a user with pens in the list, then they will no longer be picked up in the reference book automatically.

How to add a user to the list of 1C users

So, the list of 1C users is in the configurator. and open the Administration / Users menu.

To add a user, you must press the add button (or Ins from the keyboard). If the list is now empty, then the first user must have administrative rights (see below).

  • Name - username (which he will choose when entering 1C)
  • Full name - reference name, does not appear anywhere
  • Password
  • Show in picklist
    o if the checkbox is checked, then the user will be in the selection list when entering 1C
    o if the checkbox is not checked, then the user will not be in the selection list (that is, it cannot be selected), but you can enter his name from the keyboard and enter
  • Operating system authentication - can be associated with a Windows / domain user and this user will not need to enter a password (it will log in automatically).

On the Other tab, you can select the rights and basic settings of the user.

  • The main interface is a menu that will be available to the user (used only in the thick client)
  • Russian language
  • [Main] Startup mode - thick or thin client, using this parameter you can enter the configuration of the thin client - thick and vice versa
  • Available roles (user rights).

User rights in configurations are usually divided into blocks ("roles"). In the old configuration approach, they were broken down by user positions (cashier, manager, etc.). This approach has a drawback - since in different organizations the cashier and manager may have different functions.

Therefore, in the approach of the new configurations, they are broken down by actions (access to the closing of the month, access to cash transactions). That is, a set of operations is set for each user.

In both cases, you have basic access rights to enter the program. In the old approach, this is:

  • User
  • Full Rights (for administrator).

In the new approach, these are:

  • BasicRights
  • Basic Rights
  • Launching Thin Client - plus LaunchingXxxClient to launch others
  • SubsystemXxx - a check mark for each subsystem (tab in the interface) that the user needs
  • Full Rights (for administrator, not Administration!).

PS. Basic rights are not required for external users.

How to add a 1C user - 1C 8.2 users

The list of 1C 8.2 users in the new version is located in 1C (in 1C Enterprise mode), in the Users and External users directories (only if the configuration supports). The difference is that you should not create users in the configurator, but in this guide, and they will be automatically sent to the configurator.

If you are using a thin client, see the Administration tab of the desktop. Otherwise, open the Users directory, for example, through the Operations menu.

Click the Add button (or Ins from your keyboard). For you to manage the list of users, you must have the FullRights rights enabled.


Unlike the first approach, here you do not directly specify each right (role) to the user, but specify the groups of rights (user groups).

The User groups reference contains a profile that defines a set of rights (roles). In the User group profiles reference, you can change or add such sets of rights (roles).

1C user settings

In some configurations (especially in the configurations of the old approach), it is not enough to create a user. Additionally you need:

  • Login for the first time in the system
  • After that, find the user in the user guide
  • In the form of the reference press (options "or")
    o Menu Go / User Settings
    o Menu Additional information / User settings and Additional user rights
    o In some configurations, this is a plate directly in the user form
    o In some configurations the global menu of the Service / User settings
  • Configure additional settings / user rights that define autocomplete fields and some access.

How to disable a 1C user

[Temporary] user disconnection is not provided in most configurations. Here are the variations you can use to achieve this result.

Old approach configurations (via configurator):

  • Delete user
  • Change password
  • Remove the role User (will not be able to log in).

New Approach Configurations (Through Enterprise):

  • Uncheck the Access to inf. base allowed
  • Change password
  • Exclude from all access groups.

Active users of 1C

1C allows you to find out the list of users who are currently in the database.

To do this, in Enterprise mode, select the Service / Active Users menu (thick client, administrative interface). In the thin client - the Administration tab, on the left Active users (maybe in See also).

In the Configurator mode, select the Administration / Active users menu.

Disconnecting 1C users

As you know, in order to update the database (configuration), it is necessary that all users exit 1C (not in all cases, but often required).

Users do not like to go out (this is a fact). And if you ask them by phone, they will surely come back in 30 seconds. With 200 users, it becomes a lot of fun.

Therefore, there are three ways to disconnect users from 1C:


1. Disconnecting users in the file version of 1C 8.

To disable users in the file version I created a * .bat file with one line

net session / delete / y

It disables all open shared files on the computer on which the database is located.
Then I created a task (Windows Task Scheduler) that would launch this file at the appointed time.
You ask, what about the sessions that are open on the computer, I also eliminated them by creating a new * .bat file with the line

taskkill / IM 1cv8.exe / f
although it turns off all running 1C on the current computer, but for me it was not so scary since the archiving was carried out at night and no one was working in the database, this batch file can also be added to the Windows Scheduler.

2. Disconnecting users in the client-server database.

As in the case of the file base, I used * .bat files.
I created two * .bat files, the first one turns off the 1C enterprise server, the second one turns it on very simply.

net stop "1C: Enterprise 8.2 Server Agent"

net start "1C: Enterprise 8.2 Server Agent"

Added two new tasks to the Windows scheduler, with a time difference of 15 minutes so that all frozen users can disconnect, these actions are the same as Starting the 1C Enterprise server and Stopping the 1C Enterprise server

3. Programmatic way to disable users in 1C

The task was to perform archiving every day at 22:30.
In this way, I did not bother, I created a new role "Do not close1C".
Created a new procedure in a regular application module:

Procedure CompletingUsers () Export If NOT RoleAvailable ("Do notClose1C") Then If Hour (mop_PerformanceOperations onServer.CurrentDateAtServer ())> = 22 Then // get the time on the server StopSystem (False); EndIf; EndIf; End of Procedure

If NOT RoleAvailable ("Do notClose1C") Then If Hour (mop_PerformanceOperationsAtServer.CurrentDateAtServer ())> = 22 Then // get the time on the server StopSystemWorking (False); EndIf; EndIf;

ConnectWaitingHandler ("CompletingUsers", "600");

The function current date on the server looks like this:

Function CurrentDateOnServer () Export
Return CurrentDate ();
EndFunction

Thus, we get the date on the server, if the "Server" checkbox is checked in the properties of the common module, I only checked it.

It turns out that the current code cuts off users for two hours, but usually after midnight no one logs into the database.

If this article helped someone I will be very glad.