Softpedia >Windows >Network Tools >Misc. Networking Tools >UserLock >  Changelog

UserLock Changelog

What's new in UserLock 11.22.10.0

Feb 16, 2023
  • With the new UserLock Web App, IT teams and help desks can access UserLock from anywhere to easily, quickly monitor and respond to network session activity.
  • Administrators can use the application from any computer, simply with a web browser, without having to install the UserLock desktop console.
  • The new UserLock Web Application is just the first step in a redesigned UserLock interface. Our goal is to integrate all features into a single application, which can be accessed from a desktop or Internet browser, allowing you to manage MFA and user access seamlessly from anywhere.

New in UserLock 11.21.0.120 (Aug 25, 2022)

  • New UserLock Web App:
  • With the new UserLock Web App, IT teams and help desks can access UserLock from anywhere to easily, quickly monitor and respond to network session activity.
  • Administrators can use the application from any computer, simply with a web browser, without having to install the UserLock desktop console.
  • The new UserLock Web Application is just the first step in a redesigned UserLock interface. Our goal is to integrate all features into a single application, which can be accessed from a desktop or Internet browser, allowing you to manage MFA and user access seamlessly from anywhere.
  • For now, this UserLock web application already allows you to:
  • Manage machines and servers and the agents installed on them
  • View Active Directory users and manage their MFA configurations
  • Monitor and react to all active sessions and connected users
  • Receive and respond immediately to MFA help requests
  • Drill down into granular reports, with improved filtering capabilities, on logon events, MFA events, and denied logons
  • Verify in real-time UserLock administrator actions to machines and sessions
  • If you are users of the old UserLock web console, you'll notice that the interface has been significantly changed. Several elements have been renamed, removed or moved, and many new features have been added to improve the user experience. It is not currently possible to view or modify your protected accounts, nor to schedule or export reports. Soon, these features will be available, as well as further improvements that will make it even easier for you to secure network access.

New in UserLock 11.0.0.750 (Apr 9, 2021)

  • What’s New for UserLock 11:
  • UserLock SSO and MFA for Microsoft 365 and Cloud Applications
  • Access Management for Microsoft 365 and Cloud Applications
  • MFA for Microsoft IIS applications
  • MFA recovery codes
  • Enforce MFA for logins from any machine without a network connection
  • MFA | Alternative methods for multi-factor authentication
  • MFA | HOTP for machines without network connection
  • MFA | Using Token2 ALU for multi-factor authentication
  • MFA | Using VPN with RADIUS Challenge for multi-factor authentication
  • UserLock ANYWHERE | New web application to better protect remote connections

New in UserLock 11.0.0.200 Beta (Feb 14, 2021)

  • What’s New for UserLock 11 (Beta Version):
  • UserLock SSO and MFA for Microsoft 365 and Cloud Applications
  • Access Management for Microsoft 365 and Cloud Applications
  • MFA for Microsoft IIS applications
  • MFA recovery codes
  • Enforce MFA for logins from any machine without a network connection
  • MFA | Alternative methods for multi-factor authentication
  • MFA | HOTP for machines without network connection
  • MFA | Using Token2 ALU for multi-factor authentication
  • MFA | Using VPN with RADIUS Challenge for multi-factor authentication
  • UserLock ANYWHERE | New web application to better protect remote connections

New in UserLock 10.21.0400 (Jun 22, 2020)

  • The program used for administrative session logoff hangs when Citrix sessions are logged off.
  • Some messages are in English when UserLock is installed in French on an English Windows server.
  • An error occurs in the "Protected accounts" view if there is at least one temporary protected account and a click is made on the filter icon in the "Account status" column.

New in UserLock 10.20.0300 (Jun 5, 2020)

  • MFA for VPN Connections"
  • Multi-Factor Authentication (MFA) is now available for VPN sessions using Microsoft RRAS (Routing and Remote Access Service) authenticated by the Network Policy Server (NPS).
  • UserLock supports the use of both MSCHAP-v2 and PAP authentication.
  • When initiating a VPN connection, users are required to add a comma (“,”) to the end of the username or password field, followed by the MFA code.
  • We recommend entering the MFA code in the username as it is compatible with MSCHAP-v2 (configured by default) and PAP authentication.
  • Note: If MFA for VPN is chosen, interactive sessions will also be enabled for MFA. The current version does not allow MFA for only VPN sessions.
  • Offline MFA for users not connected to the network:
  • Connections from offline machines can now include multi-factor authentication (MFA). This offers further protection to desktop and laptop computer access, when the machine is disconnected from the corporate network.
  • In addition to requesting MFA, administrators can still choose to always allow or deny offline connections.
  • Offline MFA:
  • IP addresses considered as outside:
  • Remote desktop (RDP) connections that pass through a gateway address (RD Gateway, Citrix…) are by default considered as coming from ‘inside the network’. However, for many administrators, these are remote users connecting from outside the corporate network.
  • To list the IP addresses that should be considered as outside the network, the "IpConsideredOutside" advanced setting (from the UserLock console, press the F7 keyboard key to display the advanced settings dialog box) has been created with the release of UserLock 10.2.
  • This helps ensure MFA is then enabled on all outside RDP connections – including those through a gateway.
  • Remote Assistance:
  • The computer command “Remote Assistance” has been added in the ‘Quick access panel’ of the Agent Distribution view.
  • To be able to use it, the "Remote Assistance" feature must be activated on the computer on which the console is installed (by default, this feature is activated on workstations and deactivated on servers) and "Offer remote Assistance" must be configured in domain policy and allowed in firewalls.

New in UserLock 10.20.0200 Beta (May 21, 2020)

  • MFA for Remote Access VPN Connections:
  • Multi-Factor Authentication (MFA) is now available for VPN sessions using Microsoft RRAS (Remote and Routing Access) authenticated by the Network Policy Server (NPS)
  • (Version 102 or higher of the UserLock NPS Agent is required)
  • UserLock supports the use of both MSCHAP-v2 and PAP authentication:
  • When initiating a VPN connection, users are required to add a comma (“,”) to the end of the username or password field, followed by the MFA code
  • We recommend entering the MFA code in the username as it is compatible with MSCHAP-v2 (configured by default) and PAP authentication
  • Offline MFA for users not connected to the network:
  • Connections from offline machines can now include multi-factor authentication (MFA) This offers further protection to desktop and laptop computer access, when the machine is disconnected from the corporate network
  • In addition to requesting MFA, administrators can still choose to always allow or deny offline connections
  • IP addresses considered as outside:
  • Remote desktop (RDP) connections that pass through a gateway address (RD Gateway, Citrix…) are by default considered as coming from ‘inside the network’ However, for many administrators, these are remote users connecting from outside the corporate network
  • To list the IP addresses that should be considered as outside the network, an advanced setting has been created with the release of UserLock 102
  • This helps ensure MFA is then enabled on all outside RDP connections – including those through a gateway

New in UserLock 10.10.04000 (Mar 25, 2020)

  • Added:
  • Geolocation restrictions.
  • MFA for YubiKey (HOTP programmable token).
  • Ability to apply MFA For all RDP connections or only those originating from outside of the network.
  • UserLock restrictions (including MFA) now also apply to interactive unlocking or reconnection events. If you prefer not to protect these events, configure the new advanced setting "ApplyRestrictionsOnUnlock" to False.
  • Native TLS 1.2 support for the UserLock database (insertion, reports) and e-mails (the SMTP server must support TLS 1.2).
  • The advanced setting "DenyInteractiveConnectionsIfUserLockInaccessible" has been created. If this option is activated and an interactive logon, unlocking or reconnection event is attempted on a computer on which the Desktop UserLock agent is installed, the connection will be refused.
  • Forms authentication is now managed for IIS sessions (new option available in the HTTP module, disabled by default).
  • Improved:
  • MFA cache now uses the client IP address instead of the target name. This concerns the two following MFA modes only: "Every X days" and "After X days...". This is more secure and more intuitive for administrators with many remote desktop sessions (prompted once if they initiate their sessions from the same workstation).
  • MFA data is now kept if the UserLock service restarts.
  • "VPN" and "Wi-Fi" have been separated in the "User sessions" view and in the "Session history" and "Wi-Fi / VPN history" reports.

New in UserLock 10.1 Beta (Feb 24, 2020)

  • Added:
  • Geolocation restrictions.
  • MFA for Yubikeys (HOTP).
  • Ability to apply MFA For all RDP connections or only those originating from outside of the network.
  • UserLock restrictions (including MFA) now also apply to interactive unlocking or reconnection events. If you prefer not to protect these events, configure the new advanced setting "ApplyRestrictionsOnUnlock" to False.
  • Native TLS 1.2 support for the UserLock database (insertion, reports) and e-mails (the SMTP server must support TLS 1.2).
  • The advanced setting "DenyInteractiveConnectionsIfUserLockInaccessible" has been created. If this option is activated and an interactive logon, unlocking or reconnection event is attempted on a computer on which the Desktop UserLock agent is installed, the connection will be refused.
  • Improved:
  • MFA cache now uses the client IP address instead of the target name. This concerns the two following MFA modes only: "Every X days" and "After X days...". This is more secure and more intuitive for administrators with many remote desktop sessions (prompted once if they initiate their sessions from the same workstation).
  • MFA data is now kept if the UserLock service restarts.
  • "VPN" and "Wi-Fi" have been separated in the "U

New in UserLock 9.8.1.0 (Feb 26, 2019)

  • Report on Unauthorized Working Hours:
  • Building on the new working hour reports released with UserLock 9.7, administrators can now easily analyze users’ unauthorized working hours.
  • A new report illustrates clearly the connection times outside of what is defined as the authorized working hours. This makes it easier to manage and react to users’ attendance, overtime thresholds, productivity or suspicious logins.

New in UserLock 6.0 Beta (Apr 19, 2011)

  • Added: Audit and display session with local accounts
  • Added: Protection of IIS authenticated sessions (e.g. control access to Outlook Web Access or an Intranet)
  • Added: Ability to define daily, weekly or monthly quotas
  • Added: Additional type of account protection: OU (Organizational Units) users. Added to protected users and protected groups.
  • Added: Ability to define restrictions on workstations with the OU (Organizational Unit) of computers.
  • Added: Ability to add multiple OUs in a protected zone
  • Added: Specialized reports for RAS sessions (History, Evolution and Statistics)
  • Added: New report that displays the progression of the total number of opened sessions
  • Added: New popup technology to replace the deprecated Microsoft Messenger service technology
  • Added: Ability to send messages (displayed in a popup) to users from the UserLock console
  • Improved: The UserLock service account no longer requires administrative rights on the UserLock server itself
  • Improved: If many protected accounts are configured (more than 100), the protected accounts view is displayed faster
  • Improved: The protected accounts synchronization with the backup server has been optimized (only modified protected accounts are synchronized)
  • Improved: The UserLock service starts faster in case of large AD environment or bad connectivity with domain controllers
  • Improved: User names are updated every 24 hours.

New in UserLock 5.52 (Apr 19, 2011)

  • Fixed: Customized logo header and footer were not displayed when a report was generated from the web interface
  • Fixed: When displaying the session history of a user/computer from the web interface by clicking on the user/computer link, denied logons were not include in the report
  • Fixed: The IAS agent was not writing in its log file in Windows 2008/2008 R2. On these versions of Windows the path of the log file is now c:\ProgramData\ISDecisions\UserLock\UlIasAgent.csv
  • Fixed: Some bugs in the IAS agent on Windows 2008/2008 R2
  • Fixed: The IAS agent was breaking down the computer authentication for Wi-Fi access points
  • Fixed: A compatibility problem with NComputing terminal servers
  • Improved: Recovery of the console if the layout or the default UI settings become corrupted.
  • Improved: The agent automatically increases the retry time interval when trying to send unsubmitted logon events to the UserLock server in order to avoid overloading the server after a long time of unavailability.
  • Improved: Logoff in reason of time restrictions of many sessions on terminal servers
  • Fixed: mail notification were not always sent during the logoff of a member of a protected group
  • Improved: Better error handling when scheduling reports
  • Fixed: If sessions were closed or opened since the last web console refresh a logoff/lock/reset from the web console may be applied on a wrong session.

New in UserLock 5.52 (Apr 19, 2011)

  • Fixed: Customized logo header and footer were not displayed when a report was generated from the web interface
  • Fixed: When displaying the session history of a user/computer from the web interface by clicking on the user/computer link, denied logons were not include in the report
  • Fixed: The IAS agent was not writing in its log file in Windows 2008/2008 R2. On these versions of Windows the path of the log file is now c:\ProgramData\ISDecisions\UserLock\UlIasAgent.csv
  • Fixed: Some bugs in the IAS agent on Windows 2008/2008 R2
  • Fixed: The IAS agent was breaking down the computer authentication for Wi-Fi access points
  • Fixed: A compatibility problem with NComputing terminal servers
  • Improved: Recovery of the console if the layout or the default UI settings become corrupted.
  • Improved: The agent automatically increases the retry time interval when trying to send unsubmitted logon events to the UserLock server in order to avoid overloading the server after a long time of unavailability.
  • Improved: Logoff in reason of time restrictions of many sessions on terminal servers
  • Fixed: mail notification were not always sent during the logoff of a member of a protected group
  • Improved: Better error handling when scheduling reports
  • Fixed: If sessions were closed or opened since the last web console refresh a logoff/lock/reset from the web console may be applied on a wrong session.

New in UserLock 4.02 (Mar 19, 2009)

  • Time restriction
  • UserLock allows defining working hours and/or maximum session time for protected users. Outside of this (these) timeframe(s) and/or when time is up, users will be disconnected with prior warning.
  • End-user assistance
  • Network administrators can enable:
  • an option allowing users to remotely disconnect their previous session as they logon to another computer. This will avoid users from having to go back to the previous computer.
  • a public Web interface to display system usage (per session status) in real time, allowing users to easily find an available computer; the interface can for example display systems available in a room (depending on computer naming convention), ideal for organizations with free access computers.
  • Agent Distribution: View of the agent installation status on all computers of the protected network zone.
  • User sessions: Instantaneous view of all user session at display time.
  • Delegated administration
  • Certain users can be given the ability to view and manage sessions without having access to more critical UserLock settings such as protected accounts configuration, agent distribution …