UserLock Documentation
UserLock Documentation
You are here: Upgrade

Upgrade procedure

Minor version upgrade

Concerns a new release for whenever the 3rd or 4th number increments (Ex: 9.7.0.209).

Use the following procedure for each UserLock server (Primary and Backup). The server order is not important here.

Before upgrading, check the following points on each UserLock server to avoid a server reboot:

  • Close all MMC consoles on the server.
  • Close the UserLock administration console.
  • If you use the Web console on the server, restart IIS. Open 'Internet Services Manager' from the administrative tools and click on the server item, and then click on 'Restart' in the "Actions" menu. When done, don't use the Web console until UserLock is upgraded.
  • The application pool of the UserLock Web console 'UserLockAppPool' needs to be stopped during the upgrade process.

1. Install the new version of UserLock without uninstalling the previous one. All components will be automatically updated. After installation, the new version of UserLock will be operational. Don't forget to restart the application pool of the UserLock Web console 'UserLockAppPool'.

2. Optionally, if a new version of the agent is available and you want to benefit from the new version features, upgrade the agent on all your protected computers either manually or using the 'Automatic mode'.

Major upgrade

Concerns a new release for whenever the 1st or 2nd number increments (Ex: 9.7.0.209). This type of update requires a valid maintenance contract.

Please proceed the following prior steps to facilitate a recovery and avoid any loss of the UserLock settings if something wrong occurs during the upgrade procedure.

License

Any major upgrade requires a corresponding license level. We suggest you check the license key previously registered in the UserLock server 'Properties'.

Make sure that the license key is the latest one supplied by our Sales Department and that the maintenance has not expired.

Backup

Before starting the upgrade procedure for your UserLock servers , we recommend that you make a backup of the following:

  • For an update from version 8 or newer, the folder %ALLUSERSPROFILE%\ISDecisions\UserLock\Config which contains the configuration files for UserLock.
  • For an update from version 7 or older, all files with the extension .cfg in the installation folder (C:\program files (x86)\ISDecisions\UserLock).
  • The database which contains all session activity history.

If you are using the default database included with the installation package of UserLock, the name of the database file is UserLock.mdb.

  • For an update from version 8 or newer, you will find it in the folder %ALLUSERSPROFILE%\ISDecisions\UserLock\Database.
  • For an update from version 7 or older, you will find it in the UserLock installation folder (C:\program files (x86)\ISDecisions\UserLock).

If you are currently using an MS SQL Server database, then just launch your usual backup tool for this operation.

If anything happens, these files will allow you to restore the original settings of UserLock.

Database

During the UserLock upgrade process, the database structure will also be upgraded. If your system is an MS SQL Server database, there are some additional requirements depending on the authentication mode implemented:

  • Windows authentication: the user account configured for the 'UserLock Service Impersonation' requires modification rights on the database structure (to add fields in existing tables and to create additional tables).
  • SQL authentication: the SQL account configured in the UserLock database connection string requires modification rights on the database structure (to add fields in existing tables and create additional tables).

These additional rights are only necessary during the upgrade process. You can downgrade the database rights level to its previous status once the UserLock upgrade has been completed.

Messages

Any upgrade to a newer version of UserLock won't modify message content. The upgrade process will only add new messages (when available) to avoid any personalization loss from a previous version.

UserLock operators' permissions

UserLock offers (from version 8 and newer) further granularity when setting permission rights for privileged users. Access to the different features is split into two privileges: 'Read' - to display the section information, and 'Write' - which authorizes modifications. For every registered operator, the upgrade process will translate the permission defined in an old UserLock version to the version 8 and newer in this way:

  • 'Allowed' feature => 'Read' and 'Write' access granted.
  • 'Denied' feature => 'Read' and 'Write' access denied.

We suggest you check and adjust these permissions once the upgrade process has been completed.

Avoiding a reboot

Before upgrading, check the following points on each UserLock server to avoid a server reboot:

  • Close all MMC consoles on the server.
  • Close the UserLock administration console.
  • If you use the Web console on the server, restart IIS. Open the 'Internet Services Manager' from the administrative tools and right-click on the server item, and then click on 'Restart IIS' in the context menu. When done, don't use the Web console until UserLock is upgraded.
  • The application pool of the UserLock Web console 'UserLockAppPool' needs to be stopped during the upgrade process.

Upgrade process

The UserLock upgrade must be performed without changing the installation folder.

  1. Stop the UserLock service on the Backup server if you have one.
  2. Launch the upgrade to UserLock by executing the installation package without uninstalling the previous version. All components will be automatically updated.
  3. Once the Installation Wizard ends, click on finish. The UserLock 'Configuration Wizard' will open. Click on 'Next'.

  4. Select 'Primary Server' as role. Click on 'Next'.

  5. Select the 'Network Protected Zone' which UserLock has to monitor. Click on 'Next'.

  6. Enter an account having administrative privileges on this server, the Backup server and all computers UserLock has to protect. By default, the UserLock service will run on this server as 'NETWORK SERVICE'. The impersonation account entered here will be used when UserLock actions require more rights (agent deployment, remote actions on sessions, etc.).
    Please note:
    • This account will also be used to upgrade the UserLock database if you are using MS SQL Server with the Windows Authentication mode. It requires modification rights on the database structure (to add fields in existing tables and to create additional tables) at least during the upgrade process.
    • No modifications will be made to your Active Directory or its schema.

    Click on 'Next' once this account has been defined.

  7. The Wizard will configure all settings. Click on 'Finish' to launch the UserLock console.

  8. Check that all settings have been correctly migrated from the previous version, specifically the protected account rules and the server 'Properties' settings.
  9. Deploy the new UserLock agent on all protected computers it you want to benefit from the new version features, either manually or using the automatic mode.
  10. Start the UserLock server service on the Backup server if you have one.
  11. Perform the same upgrade procedure on the UserLock Backup server except during the step 2 where you have to choose 'Backup server' as the server type, and where you have to enter the name of the Primary server you've just upgraded.

  12. Don't forget to restart the application pool of the UserLock Web console 'UserLockAppPool'.
  13. Your installation of UserLock has been successfully upgraded. You can now benefit from the newest features.