UserLock 13.0: A redesigned experience for visibility, control, and simplicity

UserLock 13.0 introduces a redesigned experience and enhanced security, putting visibility, control, and usability at the center of identity and access management. Every change, from navigation to reporting, reflects how administrators actually work: needing to see more, act faster, and prevent unwanted access without added complexity. The result is a clearer, more intuitive way to manage Active Directory identity security across on-prem and hybrid environments.

• Discover what’s new in UserLock 13.0

• Explore the changelog

• For clients: A guide to adapting to the new UI

In UserLock 13.0, navigation is completely reimagined to help you get to what matters most, faster: locate resources, configure policies, and monitor activity.

• Dashboard provides an overview of all activity across your environment.

• Environment displays your AD environment, machines, users, groups, and organizational units (OUs).

• Access Policies is where you set and manage access rules.

• Activity shows live sessions and gives you the tools to react instantly.

• Reporting offers insight into what's already happened, with filters and scheduling.

• Server Settings ⚙️ is where you fine-tune UserLock to match your organization’s needs.

UserLock 13.0 brings Active Directory information directly into the console, helping teams see what they need to protect.

The Environment section now includes dedicated pages for:

• Machines (formerly the Agent Distribution page)

• Users

• Groups

• OUs

Admins can quickly see what's protected or audited by UserLock, understand relationships between entities, and locate the right resource when setting or managing policies.

Now, you can click on any user, machine, group or OU to open a detailed dashboard showing activity, policies, and reports filtered for that entity.

• Open multiple dashboards at once for faster investigations, no need to flip back and forth between pages.

• Customize dashboards to highlight key data, remove noise with filters, and favorite custom views for quick access.

  

UserLock 13.0 makes it easier to create and manage access policies.

• Choose who the policy applies to (AD user, group, or OU)

• Select the policy type (MFA, concurrent session limits, working hours, and more)

The new configuration wizard guides administrators step by step, with inline explanations for every option. No need to switch between setup and documentation.

Each policy type now has its own page, so you can see exactly which users, groups, or OUs it applies to.

Configuration is faster, clearer, and minimizes errors.

UserLock 13.0 introduces custom views across all key sections.

Each administrator can filter what information they see by applying filters, adjusting columns, and organizing data to match their role and workflow.

Views can be saved, reused, and shared, allowing teams to align on what matters most when monitoring, investigating, or reporting.

UserLock adapts to the way you work — not the other way around.

Now, teams can track and audit all admin activity with a new Admin Actions panel (accessible from the ⚡️ icon in the top right corner).

Two new reports strengthen accountability and compliance:

• Admin actions report: Shows what was done, by whom, and when.

• Configuration changes report: Lists every modification made to UserLock settings, helping the team spot unauthorized or unexpected changes.

UserLock 13.0 introduces new certificate-based authentication options to strengthen trust across users and devices.

• UserLock SSO now supports user certificate validation, adding an extra layer of identity security when signing in to SaaS applications. Certificates issued by your organization’s trusted Certificate Authority (CA) can be required or automatically validated during login.

• UserLock Anywhere now supports machine certificate authentication, providing a secure, modern alternative to NTLM. This ensures that only domain-trusted computers with valid AD-issued certificates can communicate with the UserLock server.

Together, these capabilities enhance zero-trust identity security and future-proof your environment as legacy protocols like NTLM are phased out.

Anywhere Cloud (Relay API) is a new way to maintain visibility and enforce policies on off-LAN machines, available in beta with UserLock 13.0.

By enabling UserLock Anywhere Cloud Mode, UserLock agents can securely communicate with the UserLock server over the internet. No need for a VPN or IIS relay.

• Maintain policies automatically and close the off-network visibility gap for machines that are off-LAN

• Simplify deployment by removing the need for IIS or VPN configuration

• Reduce exposure risk by eliminating the need to expose a UserLock Anywhere IIS server to the internet. All communication is outbound only, encrypted, and handled via IS Decisions' Azure-hosted relay.

Feedback from early adopters will help shape the final release.

Beyond the major updates above, this release brings several smaller improvements that make day-to-day management more secure and efficient:

• Recovery codes are now 8 digits long, with tighter rate limiting for improved MFA security.

• Report scheduling is easier with the ability to deliver reports as direct links in emails when UserLock is installed as a web app.

• Language support now includes Japanese and Spanish, with Dutch, German, Portuguese, and Arabic versions coming soon.

• Server settings have been reorganized for greater clarity and ease of use.

• In-console upgrade notifications make it simple to stay current with the latest features and fixes.