UserLock Documentation
UserLock Documentation
You are here: Reference > Agents > IIS agent > IIS agent technology

IIS agent technology

UserLock can monitor the 'Internet Information Services' (IIS) sessions. This feature allows you to define by protected account the number of maximum concurrent IIS sessions on a specific IIS application like Outlook Web Access or an Intranet site. You can also use the generated logs recorded in the UserLock database to produce reports. To supervise IIS sessions, you need to deploy the UserLock 'IIS agent' and then configure it on the IIS server.

The 'Agent distribution' engine automatically detects servers where 'Internet Information Services' is installed and running. To deploy the UserLock 'IIS agent', you just need to select its corresponding line from the 'Agent distribution' view and click on 'Install' from the 'Quick access' panel or from the context menu. Once the agent is deployed, you need to configure the website settings on the target server in 'IIS Manager'.

  • HttpModules are designed to work only on IIS 7 and higher and can be used to protect a single Web application instead of the whole website.

'In many ways, native-code HTTP modules resemble an amalgamation of the technologies that software developers used to create managed ASP.NET HTTP modules and extensions with earlier versions of IIS.' (source MSDN).


For all authenticated requests, the agent asks the UserLock server whether the connection should be allowed or denied. In the case of a negative answer, an explicit HTML error page is displayed to the end user.


Please note:

  • You can find further documentation about HttpModules on the Microsoft website.
  • Several HttpModules are allowed for the same website/ Web application. You shouldn't encounter any conflict if others are already installed.