|
UserLock API
|
Classes | |
| class | AgentDistributionProperties |
| Agent distribution properties. See the property AgentDistributionProperties of the UserLockServer class to retrieve an instance of this class and update it. More... | |
| class | ClientRests |
| Client restrictions (computer names, IP ranges, OUs). More... | |
| class | ClientRestsEff |
| Effective client restrictions (cannot be stored in ProtectedAccount fields because they need additional data). More... | |
| class | ConsumedTime |
| Consumed time for a specific type of session. More... | |
| class | CountriesEff |
| Effective list of countries (for effective geoloc restriction). More... | |
| class | CustomSessionLimit |
| Custom limit to set a maximum number of concurrent sessions for selected types of sessions. More... | |
| class | CustomSessionLimits |
| List of custom session limits. See the class CustomSessionLimit and the property CustomSessionLimits of the ProtectedAccount class to get/set the list. More... | |
| class | GroupRestsEff |
| Effective group restrictions (cannot be stored in ProtectedAccount fields because they need additional data). More... | |
| class | IisSession |
| Represent an IIS session. More... | |
| class | InteractiveSession |
| Class for interactive sessions: workstation sessions and terminal sessions. More... | |
| class | IpRange |
| IP range for workstation restrictions. More... | |
| class | IpRanges |
| List of IP ranges for workstation restrictions. More... | |
| class | MachineState |
| State of a machine in the protected network zone. This is an element of a MachineStates list. More... | |
| class | MachineStates |
List of machine states in the protected network zone. See the class MachineState and see the property AgentDistribution of the UserLockServer class to retrieve such a list.
| |
| class | Message |
| Customizable message. More... | |
| class | Messages |
| List of customizable messages. See the class Message. More... | |
| class | MinMaxSessionCount |
| "MinMaxSessionCount" class declaration. More... | |
| class | MinMaxSessionCounts |
| "MinMaxSessionCounts" class declaration. More... | |
| class | MinMaxSessionCountsSt |
| "MinMaxSessionCountsSt" class declaration. More... | |
| class | Notifications |
| List of same credential notifications. Use the property SameCredNotifs of the ProtectedAccount class to get/set such a list. More... | |
| class | OuRestriction |
| Organizational unit for workstation restrictions. More... | |
| class | OuRestrictions |
| List of organizational unit restrictions. More... | |
| class | Permission |
| Access control entry for UserLock administration permissions. More... | |
| class | Permissions |
| List of UserLock administration permissions. More... | |
| class | ProtectedAccount |
| Protected account allowing to define logon rules for a user or a group/organizational unit of users. Most properties and methods are implemented in the base class ProtectedAccountBase. More... | |
| class | ProtectedAccountBase |
| Base class for ProtectedAccount and ProtectedAccountEffective. More... | |
| class | ProtectedAccountEffective |
| Effective Protected Account is a virtual protected account (it doesn't exist in the protected accounts list) to know the effective restrictions that affect one user according with the policy defined in UserLock and the protected accounts configuration. More... | |
| class | ProtectedAccounts |
| List of protected accounts. See the class ProtectedAccount and see the property ProtectedAccounts of the UserLockServer class to see how to retrieve such a list. More... | |
| class | ProtectedAccountTemporary |
| Temporary protected account allowing to define temporary rules for an account from a start date to an end date. More... | |
| class | ProtectedItem |
| Base class for items that can be protected in protected accounts. More... | |
| class | RasSession |
| Class for RAS sessions. More... | |
| class | ReportedIisUser |
| Represent a user with his IIS sessions. More... | |
| class | ReportedMachine |
| Represent a computer with all the sessions on it. This is an element of the property ReportedMachines of the class UserLockServer. Also see the method GetReportedMachine to get an instance for a specific computer. More... | |
| class | ReportedMachineBase |
| Base class for the classe ReportedMachine. More... | |
| class | ReportedRasUser |
| Represent a user with his RAS sessions. More... | |
| class | ReportedUser |
| Represent a user with all his sessions. An element of the property ReportedUsers of the class UserLockServer. Also see the method GetReportedUser to get an instance for a specific user. More... | |
| class | ReportedUserBase |
| Base class for the classes ReportedUser, ReportedIisUser and ReportedRasUser. More... | |
| class | ServerProperties |
| UserLock server properties. More... | |
| class | Session |
| Base class for all kind of sessions. More... | |
| struct | SsoServer |
| Represent a single SSO Server. More... | |
| class | TimeFrame |
| Time frame for hour restrictions. More... | |
| class | TimeFrames |
| List of time frames. See the class TimeFrame. More... | |
| class | TimeFramesEff |
| Effective time frame restrictions (cannot be stored in ProtectedAccount fields because they need additional data). More... | |
| class | TimeQuota |
| Time quota for a specific period of time and for specific types of session. More... | |
| class | TimeQuotaCount |
| Time quota and corresponding remaining time count for a specific user. Allows to know how much time the user has left. More... | |
| class | TimeQuotas |
| List of TimeQuota. Use the property TimeQuotas of the ProtectedAccount class to get/set such a list. More... | |
| class | TimeQuotasCounts |
| List of TimeQuotaCount for a user but different types of sessions. Use the property TimeQuotasCounts of the class TimeQuotaStatus to get such a list. More... | |
| class | TimeQuotasEff |
| Effective time quota restrictions (cannot be stored in ProtectedAccount fields because they need additional data). More... | |
| class | TimeQuotaStatus |
| Time quota status for a specific user. List consumed time for the user and for all kind of sessions. See the class ConsumedTime and use the function GetUserQuotaStatus of the UserLockServer class to get the time quota status for a specific user. Also allows to get the effective quotas for the user. More... | |
| class | UserLockServer |
| Instance of a local or remote UserLock server. More... | |
| class | Variables |
| Liste de toutes les variables. More... | |
| class | Workstation |
| Class to specify a workstation restriction by client name. More... | |
| class | Workstations |
| List of workstation restrictions by client name. More... | |
Enumerations | |
| enum | JoinMode { Always = 0 , IfNewNotAllowed = 1 , Never = 2 } |
| Different possible behaviors if a user opens a terminal session on a terminal server on which he already has an opened session. See the property JoinMode of the class AgentDistributionProperties. More... | |
| enum | AgentType { Desktop = 0 , DC = 1 , RRAS = 2 , NPS = 3 , IAS = NPS , IIS = 4 , Mac = 5 } |
| The different types of agents that can be installed. See the property AgentType of the MachineState class. More... | |
| enum | AgentStatus { NotInstalled = 0 , Installed = 1 , Unknown = 2 , Installing = 3 , Uninstalling = 4 , Upgrading = 5 } |
| Installation status of the agent. See the property AgentStatus of the class MachineState. More... | |
| enum | Category |
| Variable Category. | |
| enum | UserLockRights : uint { ProtectedAccounts = 0x00000001 , Messages = 0x00000002 , UserSessions = 0x00000004 , AgentDistribution = 0x00000008 , ServerProperties = 0x00000010 , Permissions = 0x00000020 , AllUserLockRightsRW = ProtectedAccounts | Messages | UserSessions | AgentDistribution | ServerProperties | Permissions , ProtectedAccountsRO = 0x00000040 , MessagesRO = 0x00000080 , UserSessionsRO = 0x00000100 , AgentDistributionRO = 0x00000200 , ServerPropertiesRO = 0x00000400 , PermissionsRO = 0x00000800 , AllUserLockRightsRO = ProtectedAccountsRO | MessagesRO | UserSessionsRO | AgentDistributionRO | ServerPropertiesRO | PermissionsRO , AllUserLockRights = AllUserLockRightsRO | AllUserLockRightsRW , All = 0xFFFFFFFF , None = 0 } |
| UserLock access rights. Bitmap. Used to know the access rights allowed for a connection to the UserLock server (UlConnection.Rights). Also used twice for each account listed in the UserLock administrative permissions: one for allowed permissions (Permission.AllowedRights) and one for denied permissions (Permission.DeniedRights). More... | |
| enum | MfaConnectionTypes { NotConfigured = -2 , FromOutside = 2 , Remote = 1 , Any = 0 } |
| Enumeration for when the MFA should be triggered. To get the numeric in PowerShell, here is an example: "([ISDecisions.UserLockLibrary.MfaConnectionTypes]'Remote').value__". More... | |
| enum | MfaDurationTimeUnit { NotConfigured = -2 , Days = 0 , Hours = 1 , Minutes = 2 } |
| Enumaration of the time unit for the duration between 2 ask, for "Logon every (x)" and "Logon after (x)". More... | |
| enum | ProtectedAccountType { None = 0 , User = 1 , Group = 2 , Ou = 3 } |
| Enumeration for all type of protected accounts. More... | |
| enum | EventSessionChange { OnInteractiveLogoff = 0 , OnInteractiveLogon = 1 , OnInteractiveLock = 2 , OnInteractiveUnlock = 3 , OnInteractiveLogonDeniedUserLock = 4 , OnInteractiveReconnection = 5 , OnInteractiveDisconnection = 6 , OnInteractiveLogonDeniedWindowsPassword = 10 , OnInteractiveLogonDeniedWindowsRestriction = 11 , OnInteractiveLogonDeniedWindowsLockedOut = 12 , OnInteractiveLogonDeniedWindowsTimeRestriction = 13 , OnInteractiveLogonDeniedWindowsGeneric = 20 , OnInteractiveMfaHelpNeeded = 21 , OnIisLogoff = 100 , OnIisLogon = 101 , OnIisLogonDeniedUserLock = 104 , OnIisLogonDeniedWindowsPassword = 110 , OnIisLogonDeniedWindowsRestriction = 111 , OnIisLogonDeniedWindowsLockedOut = 112 , OnIisLogonDeniedWindowsTimeRestriction = 113 , OnIisLogonDeniedWindowsGeneric = 120 , OnRasLogoff = 200 , OnRasLogon = 201 , OnRasLogonDeniedUserLock = 204 , OnRasLogonDeniedWindowsPassword = 210 , OnRasLogonDeniedWindowsRestriction = 211 , OnRasLogonDeniedWindowsLockedOut = 212 , OnRasLogonDeniedWindowsTimeRestriction = 213 , OnRasLogonDeniedWindowsGeneric = 220 , OnNetworkLogonDeniedWindowsPassword = 310 , OnNetworkLogonDeniedWindowsRestriction = 311 , OnNetworkLogonDeniedWindowsLockedOut = 312 , OnNetworkLogonDeniedWindowsTimeRestriction = 313 , OnNetworkLogonDeniedWindowsGeneric = 320 , OnTerminalLogonDeniedWindowsPassword = 410 , OnTerminalLogonDeniedWindowsRestriction = 411 , OnTerminalLogonDeniedWindowsLockedOut = 412 , OnTerminalLogonDeniedWindowsTimeRestriction = 413 , OnTerminalLogonDeniedWindowsGeneric = 420 , OnUacLogon = 601 , OnUacLogonDeniedUserLock = 604 , OnUacLogonDeniedWindowsGeneric = 620 } |
| Enumeration for all type of events for session change notifications. More... | |
| enum | UserStatusTriggers : uint { Protected = 0x00000001 , FirstEvent = 0x00000002 , Event = 0x00000004 , EventAfterPeriod = 0x00000008 , Inactivity = 0x00000010 , AdAccountLocked = 0x00000020 , SessionsOverLimit = 0x00000040 , SessionsOverNumber = 0x00000080 , DeniedLogonsByUl = 0x00000100 , DeniedLogonsByWnd = 0x00000200 , InitialAccessPointsOverLimit = 0x00000400 , InitialAccessPointsOverNumber = 0x00000800 , PublicAndPrivateInitialAccessPoints = 0x00001000 , SessionImpersonation = 0x00002000 , AdAccountDisabled = 0x00004000 , All = 0xFFFFFFFF } |
| Different triggers that could be activated for one user. The status of the user is deduced from the triggers. More... | |
| enum | UserStatus { Unknown = -1 , Unprotected = 0 , Protected = 1 , Inactive = 2 , New = 3 , Risk = 4 , HighRisk = 5 } |
| Different possible status for a user, this status are exclusive. If a user has more than one, the priority is defined by the value (BadBehaviour the most important). More... | |
| enum | IAP { Unknow = -1 , NonInitialAccessPoint = 0 , InitialAccessPoint = 1 } |
| This is an initial access point or not? More... | |
| enum | ServerMode { Backup , Primary , StandaloneTS , Invalid } |
| Get the network zone protected by the UserLock service (Primary server mode). More... | |
| enum | ServerPropertyList : int { None = 0x0000 , General = 0x0001 , Logs = 0x0002 , Security = 0x0004 , Synchronisation = 0x0008 , TerminalServer = 0x0010 , License = 0x0020 , UserStatus = 0x0040 , AdminAccount = 0x0080 , Advanced = 0x0100 , Webhook = 0x0200 , MFA = 0x0400 , AgentDistribution = 0x0800 , All = General | Logs | Security | Synchronisation | TerminalServer | License | UserStatus | AdminAccount | Advanced | Webhook | MFA | AgentDistribution } |
| Represent groups of server properties that will be synchronized between the server and a ServerProperties instance. Several values can be combined with the or (|) operator (flags). See the methods GetInfo and SetInfo of the ServerProperties class. More... | |
| enum | ExceedingSessionsOrder { OldestFirst = 0 , NewestFirst = 1 } |
| Represent the chronological order for closing exceeding sessions. See the property ExceedingSessionsOrder of the ServerProperties class. More... | |
| enum | SmtpAuthentication { None = 0 , Windows = 1 , ProvideCredentials = 2 } |
| The authentication method the UserLock server has to use to connect to the SMTP server. More... | |
| enum | EventStatusChange { OnUnprotectedStatus = 1000 , OnProtectedStatus = 1001 , OnInactiveStatus = 1002 , OnNewStatus = 1003 , OnRiskStatus = 1004 , OnHighRiskStatus = 1005 , OnMfaHelpNeeded = 1006 } |
| Enumeration for all type of events for status change notifications. More... | |
| enum | OfflineMode { Allow , RequireMfa , ForceMfa , Disallow } |
| Enumeration of action to take for logons without network connection. More... | |
| enum | EnableMfaFallbackMode { Disabled = 0 , Enabled = 1 , Force = 2 } |
| Enumeration of what rule to apply for multiple MFA methods. More... | |
| enum | SessionType { All = Interactive | IIS | RAS | VPN | Wifi | SAAS | UAC , None = 0 , Workstation = 1 , Terminal = 2 , Interactive = Workstation | Terminal , IIS = 4 , RAS = 8 , VPN = 16 , Wifi = 32 , SAAS = 64 , UAC = 256 } |
| Different types of sessions. A session has only one type but several types can be specified in several cases (access policies, reports etc.). More... | |
| enum | LicenseType |
| Different type license key. | |
| enum | ServerDataElement { None = 0 , AgentDistribution = 0x2 , AgentDistributionProperties = 0x4 , UserSessions = 0x40 , Messages = 0x80 , Properties = 0x100 , ProtectedAccounts = 0x200 , All = ProtectedAccounts | Properties | Messages | UserSessions | AgentDistributionProperties | AgentDistribution } |
| Allows to specify what for information needs to be refreshed from the server. See the Refresh method of the UserLockServer class. More... | |
| enum | NotifyMode { } |
| Allows to specify the notify mode for a shutdown. See the Shutdown method of the UserLockServer class. More... | |
| enum | ExecutionMode { Default = -1 , Immediate = 0 , ImmediateIfPossible = 1 , AlwaysNotiFy = 2 } |
| Allows to specify the execution mode for a shutdown. See the Shutdown method of the UserLockServer class. More... | |
| enum | ForceMode { Default = -1 , No = 0 , Yes = 1 } |
| Allows to specify if applications will be closed by force during a shutdown. See the Shutdown method of the UserLockServer class. More... | |
| enum | LicenseStatus { Valid , MaintenanceExpiresInLessThanOneMonth , ExpireInLessThanOneMonth , MaintenanceExpireInLessThanOneWeek , ExpireInLessThanOneWeek , ExpireInLessThanOneDay , MaintenanceExpired , ExpiredButStillRuns , Expired , None , Activable , Offline , OfflineButStillRuns , Deactivated , Invalid } |
| License expiration status. More... | |
| enum | MspLicenseStatus { } |
| enum | LicenseUseStatus { Ok , InsideNotifs , NinetyPercentUsed = InsideNotifs , InsideGrace , AllUsed = InsideGrace , Over } |
| License usage status. The different values are ordered from least critical to most critical. More... | |
| enum | ClientServerCompatibility { VersionNotCompatible = 0 , SameVersion = 1 , OldVersion = 2 , VersionWithNewFeatures = 3 , VersionWithRemovedCommands = 4 } |
| Compatibility status between the API and the connected UserLock server. More... | |
| enum | SessionStatisticMode { Normal , GroupInteractive , GroupBySessionType } |
| Different possible modes for session statistic. More... | |
| enum MfaConnectionTypes |
Enumeration for when the MFA should be triggered. To get the numeric in PowerShell, here is an example: "([ISDecisions.UserLockLibrary.MfaConnectionTypes]'Remote').value__".
| Enumerator | |
|---|---|
| NotConfigured | Not configured. |
| FromOutside | When the logon originate from outside the network. |
| Remote | For all terminal sessions. |
| Any | For all sessions. |
| enum MfaDurationTimeUnit |
Enumaration of the time unit for the duration between 2 ask, for "Logon every (x)" and "Logon after (x)".
| enum EventSessionChange |
Enumeration for all type of events for session change notifications.
| enum UserStatus |
Different possible status for a user, this status are exclusive. If a user has more than one, the priority is defined by the value (BadBehaviour the most important).
| enum IAP |
| enum SmtpAuthentication |
| enum EventStatusChange |
Enumeration for all type of events for status change notifications.
| enum OfflineMode |
Enumeration of action to take for logons without network connection.
| enum LicenseStatus |
License expiration status.
| enum MspLicenseStatus |
| enum LicenseUseStatus |
License usage status. The different values are ordered from least critical to most critical.
Compatibility status between the API and the connected UserLock server.
| enum SessionStatisticMode |
1.10.0