Only allows enterprise and
domain administrators the ability to unlock a
Seamless integration with
Allows for the logoff of
multiple user sessions in a “Fast user
Switching” scenario or “Switch User” scenario
where multiple users can bog-down the
Runs on all current versions of Windows -
Windows XP, Windows Vista, Windows 7, Windows 8,
Windows Server 2003, Windows Server 2008, Windows
Blaser WinUnlock allows system
administrators to unlock and access a locked user
session on a workstation.
Blaser WinUnlock is a security audit
and technical support tool that allows an
enterprise or domain administrator to unlock and
access a locked workstation and user desktop.Traditionally,
workstations computers are logged-on and used
during an interactive session with the user in
front of the computer.Once a
workstation is locked (selecting the "Lock
Computer" or “Lock Workstation” option form the
"Ctrl-Alt-Delete" screen (Winlogon Desktop),
Windows will lock the workstation; securing it to
allow only the current user the ability to unlock
and use the workstation.
Occasionally, a system administrator
will need to access the user’s desktop to perform
audits or to provide technical support.For
example, if a user is experiencing problems, needs
software updates that must be installed under the
current user (HKEY_CURRENT_USER registry key), it
will be necessary to either inconvenience the user
by sitting with them to install the software.This
method is inefficient in that is wastes the user'stime.By
default, Windows only allows the current user to
unlock the computer. An administrator can unlock
the computer; however, the current session will be
closed along with all the applications started by
that user. As a result, any unsaved work is lost.
Users often must resort to powering a system down
to regain access.
Blaser WinUnlock avoids all of
these problems by offering system administrators the
flexibility of unlock workstations to perform
necessary audits, software installations, and
provide technical support – all with logged activity
so that the balance between convenience and security
can be maintained.
Blaser WinUnlock uses standard the
Windows API and does not store or cache any
passwords at any time.Authentication attempts are handled by the
standard Windows APIs, and upon successful
authentication and group membership verification,
the user session is unlocked.Once a
user session is unlocked, an overlay on the user
desktop displays basic system environment variables
for the convenience of the administrator. The
overlay also provides an alert to the administrator,
and those around, that this is not a regular
Desktops will re-lock after 2 minutes
of inactivity and return to the Winlogon Desktop
(Ctrl+Alt+Delete screen).This is to
avoid any accidental unlock and distraction factors
by the administrator,.
For added security, unlock events are
verified with the Domain Controller for the member
workstation, and then logged both in the Domain
Controller and Local Computer security Event Log.This audit
trail ensures that security cand an audit trail can
be maintained within the organization.
Installing the WinUnlock Client - WinUnlock Client can be used freely on an unlimited number of workstations without a license to logoff idle sessions.
Installing the WinUnlock Server - WinUnlock Server authenticates unlock requests by the WinUnlock Client. This component is licensed per domain and is required for workstation unlock functionality.
Installing the WinUnlock Client and demonstrating the desktop unlocking functionality. WinUnlock Server must also be installed within the domain to authenticate to unlock requests.