Active Directory Logon Restrictions For Interactive, Wi-Fi, VPN and
IIS Sessions

Whether access originates on a PC, laptop, tablet or smartphone, from within or outside the office, UserLock can protect and manage Active Directory user logins across all different session types.

Start a free trial Book a Demo
Active Directory Logon Restrictions

Interactive sessions

Workstation and Terminal

Wi-Fi & VPN sessions

Sessions using RRAS or RADIUS

Internet Information Services (IIS) sessions

Intranet, Outlook Web Access…

Secure Login for a Remote and Mobile Workforce

With remote and mobile access quickly becoming the rule rather than the exception, UserLock alleviates this increased risk to enterprise security and protects against inappropriate or suspicious access.

Use Case Example 1

Secure VPN Logon Access to an Authorized Machine

To ensure users can work securely outside of the office, IT administrators can restrict VPN access to an authorized company laptop. Any other access attempt from any other machine is then denied.

Use Case Example 2

Set up and restrict User Logon Access to Wi-Fi Sessions

UserLock’s Wi-Fi session control capability enables organizations to mitigate the increasing network threats that accompany today’s growing BYOD trend. Be sure that whoever is gaining network access, via whatever device, is the owner of those credentials.
Read more

Use Case Example 3

Secure remote Logon to Company Email outside of the office

Many organizations offer employees remote access to their Exchange mailbox through Microsoft web server IIS (Internet information Services). Services include Outlook Web Access (OWA) for web browsers or ActiveSync for mobile access. UserLock can protect these IIS sessions using either ISAPI filters or HTTP modules.

Customization per Session Type

UserLock takes into consideration access from all session types offering an administrator detailed options for monitoring and restricting access to their network.

Granular login restrictions

(origin, number of simultaneous connections and time constraints) that are set and enforced in UserLock can be defined by session type.

Real-time monitoring

displays each session type to make it easy to track who is connected, from where and since when.


can be defined on events by session type(s) to immediately respond to any suspicious behavior and reduce the risk of security breaches.

Record and report

on all logon activity by session type(s).

Get the UserLock Web App

Monitor and respond to network sessions quickly, easily, and from anywhere with the UserLock Web App.


New UserLock Web App

More Context Aware Restrictions

Restrictions by session type work alongside the other UserLock contextual access restrictions (number of simultaneous connections, origin and time constraints) to best protect and secure Active Directory user access.

Simultaneous Connections

Simultaneous Connections

Limit the number of unique entry points and concurrent sessions to prevent simultaneous logins from a single identity.

Read more



Limit access by location with controls at workstation, device, IP range, organizational unit (OU),
department and country.

Read more


Limit access to specific timeframes and set daily, weekly or monthly time quotas, maximum session times and idle session time.

Read more


Request a personalized demo now

Discover how UserLock can help you meet your needs.

Secure Active Directory Credentials with Multi-Factor Authentication (MFA)

Read More