Key Benefits
- Only allows enterprise and domain administrators the ability to unlock a user session
- Seamless integration with
Microsoft Windows
- Allows for the logoff of
multiple user sessions in a “Fast user
Switching” scenario or “Switch User” scenario
where multiple users can bog-down the
computer.
- Runs on all current versions of Windows - Windows XP, Windows Vista, Windows 7, Windows 8, Windows Server 2003, Windows Server 2008, Windows Server 2012
Blaser WinUnlock
Blaser WinUnlock allows system
administrators to unlock and access a locked user
session on a workstation.
Blaser WinUnlock is a security audit
and technical support tool that allows an
enterprise or domain administrator to unlock and
access a locked workstation and user desktop. Traditionally,
workstations computers are logged-on and used
during an interactive session with the user in
front of the computer. Once a
workstation is locked (selecting the "Lock
Computer" or “Lock Workstation” option form the
"Ctrl-Alt-Delete" screen (Winlogon Desktop),
Windows will lock the workstation; securing it to
allow only the current user the ability to unlock
and use the workstation.
Occasionally, a system administrator
will need to access the user’s desktop to perform
audits or to provide technical support. For
example, if a user is experiencing problems, needs
software updates that must be installed under the
current user (HKEY_CURRENT_USER registry key), it
will be necessary to either inconvenience the user
by sitting with them to install the software. This
method is inefficient in that is wastes the user's time. By
default, Windows only allows the current user to
unlock the computer. An administrator can unlock
the computer; however, the current session will be
closed along with all the applications started by
that user. As a result, any unsaved work is lost.
Users often must resort to powering a system down
to regain access.
Blaser WinUnlock avoids all of these problems by offering system administrators the flexibility of unlock workstations to perform necessary audits, software installations, and provide technical support – all with logged activity so that the balance between convenience and security can be maintained.
Blaser WinUnlock uses standard the Windows API and does not store or cache any passwords at any time. Authentication attempts are handled by the standard Windows APIs, and upon successful authentication and group membership verification, the user session is unlocked. Once a user session is unlocked, an overlay on the user desktop displays basic system environment variables for the convenience of the administrator. The overlay also provides an alert to the administrator, and those around, that this is not a regular interactive session.
Desktops will re-lock after 2 minutes of inactivity and return to the Winlogon Desktop (Ctrl+Alt+Delete screen). This is to avoid any accidental unlock and distraction factors by the administrator,.
For added security, unlock events are verified with the Domain Controller for the member workstation, and then logged both in the Domain Controller and Local Computer security Event Log. This audit trail ensures that security cand an audit trail can be maintained within the organization.