UserLock Documentation
UserLock Documentation

UserLock Frequently Asked Questions

What results (credentials, files, folders, registry...) from the installation of UserLock and its agents on a domain?

Credentials

The credentials required in the Configuration Wizard of UserLock are only stored on the UserLock server. This information is not stored on any other machine.

The impersonation account is used by the UserLock service only. The UserLock Desktop Agent runs as the local SYSTEM account on the associated computer.

The impersonation account is used by the UserLock service to perform remote actions on protected computers: installing the UserLock Desktop Agent, remotely logging off a session from the UserLock console, remotely shut down a computer, etc. When performing any of these action, nothing is stored on the target computer.

Only the UserLock server has locally stored credentials.

Changes made to Files, folders and registry

UserLock service:

  1. Installation folder of the UserLock package:
    By default: "%ProgramFiles(x86)%\ISDecisions\UserLock\".
  2. Full path the registry key: "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ISDecisions\UserLock\".

UserLock Agents:

  1. Desktop: the file is stored in the system folder.
  2. NPS:
    • 1. %windir%\System32\ULIasAgent.dll
    • 2. Full path the registry key: "HKEY_LOCAL_MACHINE\SOFTWARE\ISDecisions\UserLock\IAS"
  3. IIS:
    • 1. HTTPModule: %windir%\System32\UlHttpModule.dll
    • 2. Full path the registry key: "HKEY_LOCAL_MACHINE\SOFTWARE\ISDecisions\UserLock\IIS"

Executable file copied from UserLock server to the workstation if a remote administrative action is done (logoff, lock...):

  1. %windir%\SysWOW64\SessionAgent.exe
  2. %windir%\SysWOW64\SessionAgentUI.exe