Messages
This page allows you to localize or customize the default text messages used by UserLock. Messages can be displayed to end users (pop-ups, logoff warnings, logon refusals) or sent as notifications to UserLock operators.
Note
To access this page, go to Server settings ▸ Email settings.
You need at least read permission on Messages to end users to view this page.
Each message field has a maximum number of characters, displayed by a counter in the bottom-right corner.
You can insert dynamic variables to provide more detailed information in the messages. See the list of variables.
Upgrading to a newer version of UserLock does not overwrite customized messages. Only new default messages are added, to preserve existing changes.
Messages related to the Alerts & notifications policy.
Same credential popup: Alerts users if their credentials are used elsewhere on the network.
Welcome message: Optional message shown at logon.
These messages provide transparency to end users when policy rules are enforced.
Messages displayed to end-users when a session is forcibly logged off due to UserLock policies or administrator actions.
Message | What it displays and why | How to trigger it |
|---|---|---|
Count restriction logoffs | Warns the user that their session is closed because the maximum number of allowed sessions has been reached. | Logoff disallowed sessions enabled |
Denied machine logoff | Warns the user that their session is closed because they are not allowed to log on from this machine, after a change in a Machine restriction policy. | Logoff disallowed sessions enabled |
Session length logoff | Warns the user that the maximum session length defined by the Hour restriction policy has been reached. | Maximum session length configured |
Session lock length logoff | Warns the user that the maximum locked time defined by the Hour restriction policy has been exceeded. | Maximum locked time configured |
Time quota logoff | Warns the user that their session will be logged off because their allowed time quota has been used up. | Time quota policy configured |
Time restriction logoff | Warns the user that their session will be logged off because the allowed hours for logon have ended. | Hour restrictions policy configured |
Messages shown on computers when UserLock enforces an action such as:
Restart after installing the Desktop Station
Shutdown initiated from the console
Restart after uninstalling the Desktop Station
These messages are displayed when a user cannot start a new session because of UserLock access restrictions.
Message | What it displays and why | How to trigger it |
|---|---|---|
Close previous initial access points | Informs the user that they have reached the maximum number of allowed Initial access points and must close one to continue. | Enabling Close previous session in a Session limit policy with an initial access point policy. |
Close previous sessions | Informs the user that they have reached the maximum number of allowed concurrent sessions and must close one to continue. | Enabling Close previous session in a Session limit policy with a session limit configured. |
Denied geolocation | Informs the user that logon is denied because the session originates from a forbidden location. | Triggered by a Geolocation policy. |
Denied machine | Informs the user that logon is denied because the machine is not authorized. | Triggered by a Machine restriction policy. |
Group restrictions | Informs the user that logon is denied because their group has reached the maximum allowed concurrent sessions. | Triggered by a Session limit policy on a group or OR with an Group limit configured. |
Initial access point restriction | Informs the user that logon is denied because the maximum number of Initial access points has been reached. | Triggered by an initial access point policy. |
Logon denied | Informs the user that logon is denied because the maximum session count has been reached. | Triggered by a Session limit policy. |
Time quota denied | Informs the user that logon is denied because the allowed time quota has been exceeded. | Triggered by a Time quota policy. |
Time restriction | Informs the user that logon is denied because the logon attempt is outside of authorized hours. | Triggered by a Hours restriction policy. |
Messages displayed to the end-users during Multi-Factor Authentication (MFA), such as:
MFA enrollment instructions (QR code)
Invalid code errors
Help requests and push notification failures
Notifications sent to administrators when users request MFA assistance.
These help administrators quickly identify and respond to MFA-related issues.
Messages and subjects used for alerts sent to UserLock operators by email or popup.
These include notifications of :
In these messages, whenever you see an Insert a variable button, you can insert one of the available variables into the text.
Below is a list of all available variables, organized by category:
Current sessions | |
|---|---|
initialaccesspoint | List of initial access points (comma-delimited) already open for a user before the current logon attempt. This string is null if the user has no other open sessions. |
nbsessions | Number of sessions listed by the sessions variable. |
sessions | List of sessions (comma-delimited) already open for a user before the current logon attempt. This string is null if the user has no other open sessions. |
Denied logon | |
deniedlogons | Number of logons denied by UserLock since the last successful logon. |
refusedlogons | History of all logons denied by UserLock and by Active Directory since the last successful logon. |
refusedlogonsdetails | History of all logons denied by UserLock and by Active Directory since the last successful logon. |
GroupsDenied | List of groups that have reached a maximum session limit preventing the user from logging in. |
License | |
nbusersmax | Maximum number of users allowed by the license. |
Previous logon | |
lastlogontime | Date and time of the last successful logon. |
lastworkstation | Last machine from which the user was connected. |
lastworkstationdesc | Active Directory description field of the last machine from which the user was connected. |
Session event | |
datetime | Current date time. |
SessionEvent | Session event. |
SessionType | Type of session. |
user | Display name of the user attempting to log on or log off. |
useraccount | User account attempting to log on or log off. |
workstation | Name of the current session. |
Time quotas | |
quotainformation | Minimum remaining time quota and the relevant period. |
period | Time quota period. |
User status | |
reason | Action triggering the user status change. |
status | Successful or denied depending on the result of a logon authorization. |
userstatusdetail | Reason for the user status change. |
userstatusold | Previous user status. |