UserLock Documentation
UserLock Documentation
You are here: Getting started > Protect a new Active Directory account

Protect a new Active Directory account

Connection rules and restrictions are defined by user, group or user organizational unit through a UserLock entity named 'Protected account'. This entity is internal to UserLock and is based on Active Directory users, groups or user organizational units but without modifying anything in Active Directory accounts, structure or schema.

The following two examples will give you a step-by-step guide on how to create a new UserLock protected account for a group through the two available modes of creation.

Wizard mode

  1. Click on 'Protected accounts' in the menu tree.

  2. When no protected account has yet been created, the screen offers you an opportunity to do so. Click on the 'Protect a new account' button.

    When there is at least one existing protected account, this view displays a list. A 'Quick access' panel is available on the right to launch actions for protected accounts.

    From this panel, click on the 'Protect a new account' button.

  3. By default, a wizard opens to guide you in defining the account to protect. Select 'Group' (as required in this example), and click on 'Next'.

    Note that an 'Advanced mode' button is available in the left-hand bottom corner. This mode allows you to create a protected account through a single step: jump to the 'Advanced mode' example.

  4. If you know the exact name of the group account, then you can type it directly and click on 'Next'.

    Otherwise, click on 'Search' to launch the Active Directory Selector.

  5. Type the beginning of the group name and click on 'Check Names' or if you prefer, launch the 'Advanced' mode instead.

  6. If the search engine finds the exact group, then it will insert its name. Otherwise it will display a list of groups from which you can select the desired group.

    Once the group has been selected, click on 'OK' to come back to the wizard.

  7. The group has been selected. Click on 'Next'.

  8. Click 'Finish' to validate the protected account definition.

  9. To create a temporary protected account designed to define a set of rules valid for a specific period of time, switch the radio button to 'Yes' and set the desired time frame.

    Click on 'Finish' to validate the protected account which will, in this case, be temporary.

  10. Once the protected account has been created, the view moves to a list in which a new line is displayed.

  11. At this time, there are no rules or restrictions set for this protected account.

    Double-click on the line to open the protected account properties and then define rules, restrictions and/or notifications for any user member of this group.

    Please see the section named 'Use cases' to discover how to define rules for a protected account.

Advanced mode

  1. Click on 'Protected accounts' in the menu tree.

  2. When no protected account has yet been created, the screen offers you an opportunity to do so. Click on the 'Protect a new account' button.

    When there is at least one existing protected account, this view displays a list. A 'Quick access' panel is available on the right to launch actions for protected accounts.

    From this panel, click on the 'Protect a new account' button.

  3. By default, a wizard opens to guide you in defining the account to protect. Click on the 'Advanced mode' button in the left-hand bottom corner.

  4. Select 'Group' (as we want in this example) in the 'Type of Active Directory account to protect' drop-down list.

  5. In the 'Active Directory account to protect' text field, directly type the name of the desired group if you know its exact name.

    Otherwise, click on the search button on the right of the text field to launch the Active Directory Selector.

  6. Type the beginning of the group name and click on 'Check Names' or if you prefer, launch 'Advanced' mode instead.

  7. If the search engine finds directly the exact group, then it will insert its name. Otherwise it will display a list of groups from which you can select the desired group.

    Once the group has been selected, click on 'OK' to come back to the wizard.

  8. Click 'OK' to validate the protected account definition.

  9. To create a temporary protected account designed to define a set of rules valid for a specific period of time, switch the radio button to 'Yes' and set the desired time frame.

    Click on 'OK' to validate the protected account which will, in this case, be temporary.

  10. Once the protected account has been created, the view move to a list in which a new line is displayed.

  11. At this time, there are no rules or restrictions set for this protected account.

    Double-click on the line to open the protected account properties and then define rules, restrictions and/or notifications for any user member of this group.

    Please see the section named 'Use cases' to discover how to define rules for a protected account.