Unlock Device and All Users

Problem Overview

When a device has been secured using the Lock Device and All Users Automation, you need a quick, reliable way to revert those changes. This automation removes restrictions, re-enables user accounts, and restores functionality without risking downtime or data loss.

Description

When triggered—often by removing the “Lock” tag—the Unlock automation undoes the previously applied security measures. It re-enables local accounts on Windows, macOS, and Linux, and in the case of Windows domain-joined devices, it restores Active Directory account access. This ensures users can log in and resume work promptly, while Level still retains full management capabilities.

Preview

Use Cases

• Quickly restoring access after a security lock
• Resuming operations on devices verified as safe
• Undoing false-positive lock incidents
• Simplifying credential management for return-to-service devices

Recommendations

• Test the Unlock Process: Before deploying widely, confirm it works on a non-critical test device.
• Combine With Lock Automation: Use this in tandem with the Lock Device and All Users Automation to create a seamless security workflow.
• Monitor Domain Restoration: Validate domain credentials are active again for Windows devices.
• Review Alerts: Check for any error alerts to ensure the unlock process was fully successful.

FAQ

• Does this automation re-enable domain accounts?‍
  Yes, it restores any previously locked Active Directory accounts for Windows devices.

• Can I revert to a locked state if needed?
  ‍Absolutely. Simply reapply the “Lock” tag to trigger the security lockdown again.

• Will user sessions auto-resume after unlocking?
  ‍Users may need to log back in, but their account access is restored immediately.

• Is there a risk of partial unlock?
  ‍In rare cases where re-enablement cannot complete, an alert is generated for prompt troubleshooting.