UserLock Documentation
UserLock Documentation

UserLock Frequently Asked Questions

Can MFA be applied to non-interactive sessions? (UAC prompts, run as, RSAT, PowerShell, etc)

UserLock cannot protect or audit non interactive sessions including UAC prompts, RSAT connections, Run as, or PowerShell.

Sessions that can be protected by MFA are the following:

  • Local and RDP sessions on workstations and servers running Windows Vista and higher or Windows Server 2008 and higher. See the use case here.
  • Remote Desktop Gateway. See the use case here.
  • VPN sessions managed by RADIUS Challenge or Microsoft Routing and Remote Access Service (RRAS). See the use case here.
  • IIS sessions such as OWA, RDWeb and Sharepoint. See the use case here.
  • SaaS sessions. See the use case here. See here for a full list of compatible applications.