GPO : configure automatic session locking

Presentation

In this tutorial, we will see how to activate automatic session locking after a period of inactivity.

This group policy increases the level of security, because many users do not lock their session when they leave their workstation.

The parameters that we will configure apply to Users.

Activate automatic session lock

From a domain controller, open the Group Policy Management console, right click 1 on the OU where the policy should be applied and click on Create a GPO in this domain, and link it here < <2.

New stratégy

Name 1 the strategy and click OK 2.

name the strategy

Now the strategy has been added, right click on 1 and click on Edit 2.

Edit strategy

Go to the User Configuration / Policies / Administrative Templates / Control Panel / Personalization location to access the parameters to configure.

Location of settings

Open the Enable setting the standby screen and activate 1.

Enable screen saver

Open the Screen saver timeout parameter, activate the 1 and configure the duration in seconds 2 of inactivated before locking.

Delay inactivity

Open the parameter Force a specific screen saver, activate the 1 and configure the following file: C: \ Windows \ System32 \ scrnsave.scr 2.

Configure screeensaver

Open the parameter A password protects the screen saver and activate 1.

Screensave with password

The settings for automatic session locking are configured.

Parameter overview

Summary of the strategy:

Overview of the strategy

When users have the policy applied, the session will be locked automatically after 15 minutes of inactivity.

On a very small number of users, it is possible that the session will lock after a shorter delay. I did not find the cause for this problem. To solve the problem, I recreated the session on the computer.



Related Posts


GPO: Enabling and Configuring WinRM – Remote Management

Table Of ContentsPresentationGPO for WinRMConfiguring WinRMService configuration Presentation In this tutorial, we will have how to enable and configure remote management (WinRM - Windows Remote Manag

Work Folders: Installation and Configuration

Table Of ContentsPresentationPreparation of the environmentLocation of work foldersDNS registrationInstalling the Work Folders feature on the serverServer configurationConfiguration of the client comp

Network share: enable enumeration based on access EBA

Introduction The access-based enumeration allows to display in a network share, only folders and files whose use has at least a right of reading. Other documents and folders will be hidden. Enabling t