Denied logon reports
All logon events and logon attempts are audited and logged in the UserLock database. The following pre-defined reports allow you to display, export and print a history of denied logon attempts on your network. Logons can be denied by Active Directory (for example wrong password) or by UserLock because of the user access rules put in place in UserLock’s protected accounts.
In all the denied logon reports the following filtering criteria are available:
- Session types: Select the type(s) of sessions you wish to include in the report.
- User name: Allows you to filter by a specific user.
- Domain name: Allows you to only display sessions from the selected domain.
- Computer name: Allows you to only display sessions from the selected machine.
- Client address: Allows you to only display sessions from the selected client IP address.
- Client name: Allows you to only display sessions from the selected client name.
All denied logon
This report displays all failed or denied logons on your network.
Additional filters available in this report:
- Concurrent session restriction
- Initial access point restriction
- Machine restriction
- Hour restriction
- Time Quota restriction
- Group restriction
- User blocked
- Invalid user
- Invalid password
- Account locked out
- Client and server clocks are skewed
- Password must be changed before logging
- Active Directory restriction
- Account restriction
- Logon hours restriction
- Account disabled
- Workstation restriction
- Account expired
- Password expired
Logon denied by Active Directory
This report displays all logons denied by Active Directory.
Active Directory deny reason filter is also available in this report (see details above).
Logon denied by UserLock
This report displays all logons denied by UserLock.
UserLock deny reason filter is also available in this report (see details above).
The following pre-defined reports are subsets of the logons denied by UserLock report and make it easy for you to report on a specific UserLock restriction set in place.