When a user submits an authorization request they enter a guess for time and possibly a reason. I found found in my environment that vendors, whom are needed to support some of our equipment, will select the max amount of time available and then come and go several times throughout the requested session time.
The ability to limit users by amount of allowed connections would be great. What I mean is; have a security setting similar to login times, where an administrator can set a number of session connections per request, i.e. I request a session to remote into a server and the administrator has set the session connection to 1, that gives me 1 login for the entire session. This would limit me from requesting 6 hours, starting my session and then logging out 30 min later, then log back in after 20 min, then work for 15 minutes and log out, then wait 45 minutes and log back in. I would be able to login 1 time and work for the 6 hours.