Archived from groups: microsoft.public.win2000.group_policy (
More info?)
Thanks.
"Oli Restorick [MVP]" wrote:
> I don't know how I missed that one.
>
> Thanks!
>
> Oli
>
>
>
> "Bruce Sanderson" <bsanders@junk.junk> wrote in message
> news:eCOLhTWjEHA.3536@TK2MSFTNGP12.phx.gbl...
> > Are you saying that the setting (in a GPO):
> >
> > Administrative Templates
> > Control Panel
> > Display
> > Screen Saver timeout: xx seconds
> >
> > doesn't do what it says it will do?
> >
> > The combination of this one plus
> > Hide Screen Saver tab: Enabled
> > Screen Saver: Enabled
> > Screen Saver Executable name: Enabled - scrnsave.scr
> > Password protect the screen saver: Enabled
> >
> > seems to be forcing the computer to lock after xx seconds and require the
> > user to re-authenticate for us.
> >
> > --
> > Bruce Sanderson MVP
> >
> > It is perfectly useless to know the right answer to the wrong question.
> >
> >
> > "Oli Restorick [MVP]" <oli@mvps.org> wrote in message
> > news:%23Y97ItOjEHA.140@TK2MSFTNGP12.phx.gbl...
> >> You need to configure the screensaver to secure (lock) the workstation.
> >> This can be done with group policy. However, it's a user policy, not a
> >> computer policy. If you want to do this for a set of computers,
> >> configure a GPO on the OU containing the machines and use a loopback
> >> processing to configure user settings.
> >>
> >> Unfortunately, what group policy doesn't allow you to do is to ensure the
> >> user has a sensible timeout set on the screensaver.
> >>
> >> The timeout is stored in the "ScreenSaveTimeOut" value in the following
> >> registry key:
> >> HKEY_CURRENT_USER\Control Panel\Desktop
> >>
> >> The unit is seconds. You should be able to script this either by
> >> exporting the registry key to a text file and removing the unnecessary
> >> lines. Then run it using "regedit.exe /s myfile.reg".
> >>
> >> Ideally, you want to be able to specify a maximum value, so that if the
> >> user opts for a shorter timeout than the one you specify, they can, but
> >> if they specify a longer timeout, it'll be reset each time they log in.
> >> Ask in one of the scripting groups if you need a hand with this.
> >>
> >> Regards
> >>
> >> Oli
> >>
> >>
> >>
> >> "Jason" <Jason@discussions.microsoft.com> wrote in message
> >> news:5FF65E0E-14BF-4102-91BB-EA4D8974F791@microsoft.com...
> >>> Is there a GPO out to there to just lock a computer after a certain
> >>> amount of
> >>> minutes of inactivity? I know there is one to logoff the account, I
> >>> could
> >>> not find one for just locking the workstation. Thanks in advance.
> >>>
> >>> Jason
> >>
> >>
> >
> >
>
>
>