Service impersonation account
The UserLock service is designed to login as the 'NETWORK SERVICE' account in order to limit its default privileges on the network to the least required.
However, some specific tasks the UserLock service will have to perform, such as the agent deployment or all remote system actions, will require some administrative privileges on target machines.
This step allows you to define an account with the administrative privileges on all machines of the zone monitored by this UserLock server, allowing the service to impersonate when performing these tasks.
Please note: When defining and configuring a UserLock Backup server role, the account specified here also requires administrative privileges on the UserLock Primary server for the synchronization process.