cancel
Showing results for 
Search instead for 
Did you mean: 

Exempting from the default lock screensaver or disabling the CTRL + ALT + DEL requirement.

MahalakshmiS
Level 2

We are currently using BP 6.10.3. We have exempted our runtime
resources from the default lock screensaver, Disabled the
requirement for CTRL + ALT + DEL to be pressed prior to
interactively logging on; Required for unattended login via Login
Agent •Disable messages that appear on login (e.g. usage access
policies)
Could you please confirm if any of the upgraded BP versions allows
the runtime resources to work without exempting from the default
lock screensaver or disabling the CTRL + ALT + DEL requirement.

3 REPLIES 3

Hi @MahalakshmiS 

If I understand correctly your wish is to find a solution to prevent the screen from being deactivated, that's right ?

david.l.morris
Level 15

Instead of "lock screensaver", I think you mean to say "lock screen". Even in 6.10.3, you can theoretically use the Secure Attention Sequence (SAS) feature that is part of Login Agent without disabling the CTRL+ALT+DEL requirement. This was added as of 6.5. I recall trying to use this a few years ago, and I never personally got it to work, but I also didn't try very hard. Usually it is possible to get these settings changed at the machine level or the group policy level.

If you want to try it yourself in your 6.10.3 environment, see these Support articles:

How to configure Login Agent Group Policy settings : (blueprism.com)

How can I bypass Secure Attention Sequence (SAS) and pre-login message when using Login Agent with Blue Prism Enterprise v6.5 upwards? :

If I remember right, it requires choosing some different settings when installing Login Agent, so be sure to actually uninstall and reinstall Login Agent with the SAS settings enabled. See the document above of course to make sure exactly what to do.


Dave Morris, 3Ci at Southern Company

Denis__Dennehy
Level 15

For me screen lock (and by proxy, Login Agent) is a bit of a red herring with unattended automation,  something that your security/IT need to understand through dialog.
Screen lock exists for human users to make sure that when they are away from their screen someone else cannot access their data.  If the screen is not locked that same human will be sat at the screen and preventing anyone else access.

With unattended robots the security of the robot user desktop must instead predominantly move can access the machine remote access tooling - which can be tied down using SSO/MFA login technologies, by IP address, by tokens, etc.   By concentrating on screen lock, made for humans,  the security professional is potentially allowing a false sense of security because when the screen is unlocked because the robot is working,  the robot will not be able to stop anyone looking at the screen like a human user would.

Work with your security IT team to figure out the most secure remote access security they can think of to make them feel warm and happy about the security of the robots,  try to convince them to stop thinking about robot security in the same way as humans and relying on security features designed for humans sat at a physical machine.