See all insights
Apply 2FA on Windows AD logins, IIS, VPN, RDP & RD Gateway, Off-network and SaaS connections.
Choose between push notifications, Token2, YubiKey, or authenticator apps as MFA methods.
Secure access to cloud apps with SSO combined with MFA and context-aware restrictions.
Track, alert and respond to all user access activity in real time, and get centralized auditing for detailed reporting.
Control how users access the network based on machine or device, time, session type or simultaneous connections.
Access UserLock from any machine in the network, with all-new features only available in the web app.
Using Active Directory functionality, a System Administrator can define that a user (let us call her Carol this time) is limited to only being able to work from 07:00 am to 05:00 pm.
What really happens if Carol logs on at about 01:00 and remains logged on past 05:00? Windows will not log her off of his workstation at this time, because there is no native control in Windows to perform that.
There is a setting (Local Policies > Security Options) though that might make you think that it would work that way: «Automatically logoff users when logon time expires.» But this setting only applies to file and print servers (SMB component).
Carol logs on at her workstation and accesses a file server. If she remains logged on and accessing this file server past 05:00 pm (provided she has no files open on that file server), when 05:00 pm rolls around, the file server will disconnect her and prevent her from reconnecting to the file server itself. But there is absolutely nothing in Windows that will log her off of her workstation where she is interactively logged on at the console.
This feature is nonetheless required for an Information System to comply with major regulatory constraints, including:
Outside of authorized timeframe(s) and/or when time is up, UserLock will really disconnect users with prior warning.
Share this page:
Free number for US & Canada: + 1-800-492-3951
GMT +1: +33 5 59 41 42 20
© IS Decisions