We've noticed on some users computers when they remove there token it locks them out of there RDP session that are in. Which is what we want. However this is always not conistent, sometimes users when the remove there hardware token the RDP session stays logged in. Is there a reason for this? How do ensure that if any user in a RDP session they leave there desk and they remove there token that get locked out and would have reinsert there token to regain access?