Use case: Unlock request for a device in the DOC

The following questions are answered in this use case:

  • How do you lock a device via its device class in the DOC?

  • How can you unlock the locked device for users?

  • What do you do in the DOC as soon as a user has created an unlock request for this device?

Open DOC -> Security Controls -> Devices -> Configuration -> Device classes.

  1. In this example, you want to block the use of Android devices. Select this entry from the list and open the context menu. Click Block. A green lock indicates the locking status.

  2. Optionally, you can configure individual lock settings by selecting Edit configuration in the context menu, for example, or simply clicking on the device class. The options correspond to those in the Policy Editor and are explained here.

  3. Is the unlock request option already set up on your DriveLock agents? If not, please configure it first in the Global configuration in the Policy Editor. Click here for more information.

  4. An Android device is now connected on the DriveLock Agent. A message indicates that it is locked. To be able to connect it anyway, the user selects the option Request unlock via the DriveLock icon in the taskbar.

  5. The following dialog shows the device, the user selects it accordingly and then clicks on Request unlock. A reason for the release must be given before it can be sent.

  6. Back in the DOC, you will see the new request from the Android device shortly afterwards under Administration -> Unlock request.

  7. You now have the following options in the detail window:

    • Approve unlock and create new rule: You can create a new device rule directly during the unlock process.

    • Approve unlock and add to rule: If you have already created a rule, for example one for all allowed devices, you can simply add the Android device.

    • Deny: If you do not agree to the device being unlocked, you can send the user the reason for the denial as a message. The device will remain locked until further notice.

  8. Unless denied, the requested device can now be used on the DriveLock Agent and is allowed for further use.

  9. The device is now displayed in your list of devices. Here you can also see all device activities in the detail window, for example when the device was unlocked (allowed) or when it was added to a rule. The related objects (for example the computer the device was connected to) are also displayed.