Temporary protected account allowing to define temporary rules for an account from a start date to an end date. More...
Inheritance diagram for ProtectedAccountTemporary:
Public Member Functions | |
| ProtectedAccountTemporary () | |
| Default constructor. More... | |
| ProtectedAccountTemporary (String accountName, UserLockServer userLockServer) | |
| Constructor from account name and a UserLock server instance. More... | |
| ProtectedAccountTemporary (UserLockServer userLockServer, String line) | |
| Constructor from a UserLock server instance and a ";" separated string with main restrictions of the protected account: "account name;...". More... | |
| ProtectedAccountTemporary (String accountName, UserLockServer userLockServer, AccountPropertyList propertyList) | |
| Constructor from the account name, a UserLock server instance and a bitmask of property group to get from the UserLock server instance. More... | |
| int | InitFromTemporaryName (string s) |
| Initialize the current instance from the temporary name. More... | |
 Public Member Functions inherited from ProtectedAccount | |
| bool | CopyCfg (string idPaToCopyCfgFrom) |
| Copy all configuration of the protected account identified by the parameter to the current instance. Note that account types can be different. More... | |
| override void | SetInfo () |
| Set/update all properties of the protected account to the server. More... | |
| void | SetInfo (AccountPropertyList _enumTabFlags) |
| Set/update select groups of properties of the protected account to the server. See the enum AccountPropertyList. More... | |
| void | SetInfo (AccountPropertyList _enumTabFlags, bool transactAlreadyStarted) |
| Set/update select groups of properties of the protected account to the server. See the enum AccountPropertyList. More... | |
| string[] | GetMembers () |
| Get all members of the protected group/OU. More... | |
| Public Member Functions inherited from ProtectedAccountBase | |
| override void | GetInfo () |
| Get/refresh all properties of the protected account from the server. More... | |
| void | GetInfo (AccountPropertyList propertyList) |
| Get/refresh select groups of properties of the protected account from the server. See the enum AccountPropertyList. More... | |
| void | GetNonInteractiveTabProperties () |
| Reserved for future use. More... | |
Static Public Member Functions | |
Static methods. | |
| static DateTime | ConvertFromStringToDateTime (string s) |
| Convert a date in local time from the "YYYYMMDDHHmmSS" format to a DateTime object. More... | |
| static string | ComputeTemporaryName (string accountName, DateTime startDate, DateTime endDate) |
| [Static] Compute the temporary name from the account name, start and end dates. More... | |
Properties | |
Overriden properties. | |
| override bool | IsTemporary [get] |
| True if this is a temporary protected user. False otherwise. More... | |
| override string | Identifier [get] |
| Get the identifier of the protected account. More... | |
| Properties inherited from ProtectedAccount | |
| virtual bool | IsTemporary [get] |
| True if this is a temporary protected user. False otherwise. More... | |
| virtual string | Identifier [get] |
| Get the identifier of the protected account. More... | |
| Properties inherited from ProtectedAccountBase | |
| virtual bool | IsLockedByUserlock [get, set] |
| True if the user account is locked. False otherwise. Overridden in the ProtectedAccountEffective class. More... | |
| virtual string | LockedByUserlockMsg [get, set] |
| Message displayed to the user when his account is locked by Userlock. More... | |
| Trilean | MfaEnabled [get, set] |
| If the MFA is enabled for this Protected Account More... | |
| int | MfaWorkstationCacheDuration [get, set] |
| The cache for workstation MFA unlocking in days More... | |
| int | MfaServerCacheDuration [get, set] |
| The cache for server MFA unlocking in days More... | |
| Trilean | MfaWorkstationExtendCacheDuration [get, set] |
| If the cache duration for MFA on workstation should be extended when a logon is done. If not configured, default to extend. More... | |
| Trilean | MfaServerExtendCacheDuration [get, set] |
| If the cache duration for MFA on workstation should be extended when a logon is done. If not configured, default to not extend. More... | |
| Trilean | MfaSkipEnabled [get, set] |
| IF the Skip for MFA configuration is enabled. If so, the end duration is More... | |
| DateTime | MfaSkipEnd [get, set] |
| The end date for MFA configuration skip. No effect if More... | |
| Trilean | MfaServerOnlyTerminal [get, set] |
| If the MFA only applies to terminal/RDP sessions on server. If not configured, default to Disabled (aka all sessions). Obsolete since 10.1 More... | |
| Trilean | MfaWorkstationOnlyTerminal [get, set] |
| If the MFA only applies to terminal/RDP sessions on workstations. If not configured, default to Disabled (aka all sessions). Obsolete since 10.1 More... | |
| MfaConnectionTypes | MfaServerConnectionTypes [get, set] |
| Speficy on which types of connections the MFA applies. If not configured, default to Any (aka all sessions). More... | |
| MfaConnectionTypes | MfaWorkstationConnectionTypes [get, set] |
| Speficy on which types of connections the MFA applies. If not configured, default to Any (aka all sessions). More... | |
| MfaRestrictionParams | MFAServerRestrictionParams [get, set] |
| Parameters for the MFA that applies to server sessions. More... | |
| MfaRestrictionParams | MFAWorkstationRestrictionParams [get, set] |
| Parameters for the MFA that applies to workstation sessions. More... | |
| MfaRestrictionParams | MFAIISRestrictionParams [get, set] |
| Parameters for the MFA that applies to IIS sessions. More... | |
| MfaRestrictionParams | MfaVPNRestrictionParams [get, set] |
| Parameters for the MFA that applies to VPN sessions. More... | |
| MfaRestrictionParams | MfaSaasRestrictionParams [get, set] |
| Parameters for the MFA that applies to SaaS events. More... | |
| Trilean | GeolocationEnabled [get, set] |
| If the geolocalisation is enabled More... | |
| bool | IsAnyConfigured [get] |
| Get if any restriction kind is configured. More... | |
| String | Name [get, set] |
| String | AccountName [get, set] |
| Windows account name of the protected user/group. Distinguished name for protected OUs. More... | |
| String | DisplayAccountName [get] |
| Display name for the protected account More... | |
| string | FullAccountName [get] |
| Full account name of the protected account (DomainName\AccountName) More... | |
| string | Sid [get] |
| SID of the protected user/group More... | |
| String | FullName [get] |
| Display name of the protected account More... | |
| String | CanonicalName [get] |
| Canonical name of the object in the Active Directory More... | |
| bool | IsUser [get] |
| True if this is a protected user. False otherwise. More... | |
| ProtectedAccountType | Type [get, set] |
| Type of the protected account. See the enum ProtectedAccountType. More... | |
| string | TextType [get] |
| More... | |
| int | NbConcurrentLogins [get, set] |
| Maximum number of concurrent interactive sessions (workstation sessions and terminal sessions). I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | NbConcurrentWorkstations [get, set] |
| Maximum number of concurrent workstation sessions. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | NbConcurrentTerminals [get, set] |
| Maximum number of concurrent terminal sessions. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | RasNbConcurrent [get, set] |
| Maximum number of concurrent Wi-Fi / VPN sessions. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | IisNbConcurrentMax [get, set] |
| Maximum number of concurrent IIS sessions. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| Trilean | AllowSaaSSessions [get, set] |
| Allow or deny SaaS logins. More... | |
| CustomSessionLimits | CustomSessionLimits [get, set] |
| List of concurrent session limits for different kind of sessions. I_UNLIMITED if unlimited, I_NOTCONFIGURED is denied because it does not make sense to not configure a custom session limit. More... | |
| int | NbConcurrentInitialAccessPoints [get, set] |
| Maximum number of concurrent initial access points. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| Trilean | OnlyOneActiveSession [get, set] |
| Get/set if UserLock must leave only one active session (interactive), in case of users who has more than one limited session. More... | |
| bool | DisplayWelcomeMessage [get, set] |
| More... | |
| Trilean | DisplayWelcomeMessageNew [get, set] |
| Get/set if the welcome message should be set for the user or for members of the protected group/OU. More... | |
| bool | AllowClosePrevious [get, set] |
| More... | |
| Trilean | AllowClosePreviousNew [get, set] |
| Get/set if the user is allowed to close previous sessions when the new session is not allowed. More... | |
| String | PopupRecipient [get, set] |
| Computer that will receive popup notifications when the user open/close a session of when UserLock deny a logon. More... | |
| bool | PopupLoginNotification [get, set] |
| More... | |
| bool | PopupLogoffNotification [get, set] |
| More... | |
| bool | FailedPopupLoginNotification [get, set] |
| More... | |
| Trilean | EnabledPopupNotifs [get, set] |
| Get/set if popup notifications are enabled or not. More... | |
| Notifications | PopupNotifications [get, set] |
| List of all popup notifications that should be sent. More... | |
| String | EmailRecipient [get, set] |
| E-mail recipients for E-mail notifications. More... | |
| bool | EmailLoginNotification [get, set] |
| More... | |
| bool | EmailLogoffNotification [get, set] |
| More... | |
| bool | FailedEmailLoginNotification [get, set] |
| More... | |
| Trilean | EnabledEmailNotifs [get, set] |
| Get/set if email notifications are enabled or not. More... | |
| Notifications | EmailNotifications [get, set] |
| List of all email notifications that should be sent. More... | |
| Trilean | EnabledSameCredNotifs [get, set] |
| Get/set if same credential notifications are enabled or not. More... | |
| Notifications | SameCredNotifs [get, set] |
| List of all same credential notifications that should be enforced. More... | |
| bool | ExceptWorkstations [get, set] |
| More... | |
| int | ExceptWorkstationsNew [get, set] |
| I_ENABLED: any workstation is allowed except workstations listed in Computers, IpRanges or OuRestrictions. I_DISABLED: only workstations in Computers, IpRanges or OuRestrictions are allowed. More... | |
| RestrictionMode | WorkstationRestrictionsMode [get, set] |
| Workstations | Computers [get, set] |
| List of allowed or denied workstations depending on the property ExceptWorkstationsNew More... | |
| int | ComputerCount [get] |
| Number of workstations listed in the Computers property. More... | |
| IpRanges | IpRanges [get, set] |
| Allowed or denied IP ranges depending on the property ExceptWorkstationsNew. More... | |
| int | IpRangeCount [get] |
| Number of IP ranges listed in the property IpRanges. More... | |
| OuRestrictions | OuRestrictions [get, set] |
| Allowed or denied organizational units depending on the property ExceptWorkstationsNew. More... | |
| int | OuRestrictionsCount [get] |
| Number of organization units in OuRestrictions. More... | |
| bool | ExceptTimeFrames [get, set] |
| More... | |
| int | ExceptTimeFramesNew [get, set] |
| I_ENABLED: a logon is allowed any time except in the time frames listed in the TimeFrames property. I_DISABLED: a logon is never allowed except during time frames listed in the TimeFrames property. More... | |
| RestrictionMode | HourRestrictionsMode [get, set] |
| TimeFrames | TimeFrames [get, set] |
| List of allowed or denied time frames depending on the property ExceptTimeFramesNew. More... | |
| int | MaxSessionLength [get, set] |
| Maximum allowed session length in minutes. I_NOTCONFIGURED there is not session length limit. More... | |
| int | MaxInactivity [get, set] |
| Maximum allowed locked time before USerLock closes the session. More... | |
| ExpirationActionEnum | ExpirationAction [get, set] |
| More... | |
| ExpirationActionEnum | ExpirationActionNew [get, set] |
| Action that UserLock will execute once a session is outside allowed logon hours. See the enum ExpirationActionEnum More... | |
| int | TimeCountdown [get, set] |
| Time countdown in minutes while the notification message is displayed and before the session is closed by UserLock. More... | |
| Trilean | EnabledTimeQuotas [get, set] |
| Get/set if time quotas are Not configured, enabled or disabled. More... | |
| TimeQuotas | TimeQuotas [get, set] |
| List of all time quotas that should be enforced. More... | |
| int | NbConcurrentGroupLogins [get, set] |
| Maximum number of concurrent interactive sessions (workstation sessions and terminal sessions) of all members of the group or OU. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | NbConcurrentGroupWorkstations [get, set] |
| Maximum number of concurrent workstation sessions of all members of the group or OU. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | NbConcurrentGroupTerminals [get, set] |
| Maximum number of concurrent terminal sessions of all members of the group or OU. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | RasNbConcurrentGroup [get, set] |
| Maximum number of concurrent Wi-Fi / VPN sessions of all members of the group or OU. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
| int | IisNbConcurrentGroup [get, set] |
| Maximum number of concurrent IIS sessions of all members of the group or OU. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. More... | |
Temporary specific. | |
| String | TemporaryName [get] |
| Temporary name of the temporary protected account. More... | |
| DateTime | StartDate [get] |
| Start date of the temporary protected account. More... | |
| DateTime | EndDate [get] |
| End date of the temporary protected account. More... | |
Additional Inherited Members | |
| Public Types inherited from ProtectedAccountBase | |
| enum | Trilean { Disabled = 0, Enabled = 1, NotConfigured = I_NOTCONFIGURED2 } |
| Enumeration of state for settings that can be disabled, enabled or not configured. See DisplayWelcomeMessageNew and AllowClosePreviousNew properties. More... | |
| enum | ExpirationActionEnum { Logoff = 1, Lock = 2, DoNothing = 0, NotConfigured = 3 } |
| Enumeration of actions that can be done when allowed logon hours have expired for a user. See the property ExpirationActionNew. More... | |
| enum | AccountPropertyList : uint { None = 0x00, UserLock = 0x01, Workstations = 0x02, Hours = 0x04, Group = 0x08, NonInteractive = 0x10, Iis = 0x20, Ras = 0x40, List = 0x80, Information = 0x100, All = 0xFFF } |
| Enumeration of all groups of properties in the ProtectedAccount class allowing to get or set only selected properties. See the methods GetInfo and SetInfo of the class ProtectedAccount or the method GetProtectedAccount of the class UserLockServer. More... | |
| enum | ComplexEffRestsPropertyList : byte { None = 0x00, TimeQuotas = 0x01, TimeFrames = 0x02, ClientRestrictions = 0x04, LockedByUserLock = 0x08, GroupRestrictions = 0x10, GeolocRestrictions = 0x20, All = TimeQuotas | TimeFrames | ClientRestrictions | LockedByUserLock | GroupRestrictions | GeolocRestrictions } |
| Enumeration of all complex effective restrictions (cannot be stored in ProtectedAccount fields because they need additional data). Specific to effective restrictions of an user account (not compatible with protected accounts). More... | |
| Public Attributes inherited from ProtectedAccountBase | |
| const int | I_NOTCONFIGURED = -2 |
| const int | I_UNLIMITED = -1 |
| const int | I_DISABLED = 0 |
| const int | I_ENABLED = 1 |
| const int | I_NOTCONFIGURED2 = 2 |
| Protected Attributes inherited from ProtectedAccountBase | |
| bool | _SubAuthApplyWsRestrictions = true |
| List of concurrent session limits for different kind of sessions of all members of the group or OU. I_NOTCONFIGURED if no limit is set, I_UNLIMITED if unlimited. /private CustomSessionLimits _GroupCustomSessionLimits = new CustomSessionLimits();. | |
| String | _AccountName = String.Empty |
| string | _FullAccountName |
| string | _Sid |
| String | _FullName = String.Empty |
| String | _CanonicalName = String.Empty |
| ProtectedAccountType | _Type |
| int | _NbConcurrentLogins = I_NOTCONFIGURED |
| int | _NbConcurrentWorkstations = I_NOTCONFIGURED |
| int | _NbConcurrentTerminals = I_NOTCONFIGURED |
| int | _RasNbConcurrent = I_NOTCONFIGURED |
| int | _IisNbConcurrentMax = I_NOTCONFIGURED |
| Trilean | _AllowSaaSSessions = Trilean.NotConfigured |
| CustomSessionLimits | _CustomSessionLimits |
| int | _NbConcurrentInitialAccessPoints = I_NOTCONFIGURED |
| TrileanPropertyCommand | _OnlyOneActiveSession |
| TrileanPropertyCommand | _DisplayWelcomeMessage |
| TrileanPropertyCommand | _AllowClosePrevious |
| String | _PopupRecipient = String.Empty |
| bool | _EnabledPopupNotifs = false |
| Notifications | _PopupNotifications = new Notifications() |
| String | _EmailRecipient = String.Empty |
| bool | _EnabledEmailNotifs = false |
| Notifications | _EmailNotifications = new Notifications () |
| bool | _EnabledSameCredNotifs = false |
| Notifications | _SameCredNotifs = new Notifications() |
| int | _ExceptWorkstations = I_NOTCONFIGURED2 |
| Workstations | _Computers |
| IpRanges | _IpRanges |
| OuRestrictions | _OuRestrictions |
| int | _ExceptTimeFrames = I_NOTCONFIGURED2 |
| TimeFrames | _TimeFrames |
| int | _MaxSessionLength = I_NOTCONFIGURED |
| int | _MaxInactivity = I_NOTCONFIGURED |
| ExpirationActionEnum | _ExpirationAction = ExpirationActionEnum.DoNothing |
| int | _TimeCountdown = I_NOTCONFIGURED |
| bool | _EnabledTimeQuotas = true |
| TimeQuotas | _TimeQuotas |
| int | _NbConcurrentGroupLogins = I_NOTCONFIGURED |
| int | _NbConcurrentGroupWorkstations = I_NOTCONFIGURED |
| int | _NbConcurrentGroupTerminals = I_NOTCONFIGURED |
| int | _RasNbConcurrentGroup = I_NOTCONFIGURED |
| int | _IisNbConcurrentGroup = I_NOTCONFIGURED |
Detailed Description
Temporary protected account allowing to define temporary rules for an account from a start date to an end date.
Constructor & Destructor Documentation
Default constructor.
| ProtectedAccountTemporary | ( | String | accountName, |
| UserLockServer | userLockServer | ||
| ) |
Constructor from account name and a UserLock server instance.
- Parameters
-
accountName The account name. userLockServer The UserLock server instance.
| ProtectedAccountTemporary | ( | UserLockServer | userLockServer, |
| String | line | ||
| ) |
Constructor from a UserLock server instance and a ";" separated string with main restrictions of the protected account: "account name;...".
- Parameters
-
userLockServer The UserLock server instance. line A ";" separated string with main restrictions of the protected account: "account name;...".
| ProtectedAccountTemporary | ( | String | accountName, |
| UserLockServer | userLockServer, | ||
| AccountPropertyList | propertyList | ||
| ) |
Constructor from the account name, a UserLock server instance and a bitmask of property group to get from the UserLock server instance.
- Parameters
-
accountName The account name. userLockServer The UserLock server instance. propertyList Bitmask of property group to get from the UserLock server instance.
Member Function Documentation
| int InitFromTemporaryName | ( | string | s | ) |
Initialize the current instance from the temporary name.
- Parameters
-
s
- Returns
OUT: The error code.
- Parameters
-
s IN : The temporary name.
|
static |
Convert a date in local time from the "YYYYMMDDHHmmSS" format to a DateTime object.
- Parameters
-
s
- Returns
OUT: Date in local time.
- Parameters
-
s IN : Date in local time in "YYYYMMDDHHmmSS" format.
|
static |
[Static] Compute the temporary name from the account name, start and end dates.
- Parameters
-
accountName The account name. startDate The start date. endDate The end date.
- Returns
- The temporary name.
Property Documentation
|
get |
True if this is a temporary protected user. False otherwise.
|
get |
Get the identifier of the protected account.
|
get |
Temporary name of the temporary protected account.
|
get |
Start date of the temporary protected account.
|
get |
End date of the temporary protected account.
