GPO : configure automatic session locking

Presentation

In this tutorial, we will see how to activate automatic session locking after a period of inactivity.

This group policy increases the level of security, because many users do not lock their session when they leave their workstation.

The parameters that we will configure apply to Users.

Activate automatic session lock

From a domain controller, open the Group Policy Management console, right click 1 on the OU where the policy should be applied and click on Create a GPO in this domain, and link it here < <2.

New stratégy

Name 1 the strategy and click OK 2.

name the strategy

Now the strategy has been added, right click on 1 and click on Edit 2.

Edit strategy

Go to the User Configuration / Policies / Administrative Templates / Control Panel / Personalization location to access the parameters to configure.

Location of settings

Open the Enable setting the standby screen and activate 1.

Enable screen saver

Open the Screen saver timeout parameter, activate the 1 and configure the duration in seconds 2 of inactivated before locking.

Delay inactivity

Open the parameter Force a specific screen saver, activate the 1 and configure the following file: C: \ Windows \ System32 \ scrnsave.scr 2.

Configure screeensaver

Open the parameter A password protects the screen saver and activate 1.

Screensave with password

The settings for automatic session locking are configured.

Parameter overview

Summary of the strategy:

Overview of the strategy

When users have the policy applied, the session will be locked automatically after 15 minutes of inactivity.

On a very small number of users, it is possible that the session will lock after a shorter delay. I did not find the cause for this problem. To solve the problem, I recreated the session on the computer.





Related Posts


GPO: Installing the FusionInventory Agent

Introduction Following the many messages I can see on the forum concerning the installation of the Agent FusionInventory, I will explain how I have been doing for several years. In this article, I'll

Exchange 2016: Installation and Configuration

In this tutorial, we will see how to install and configure Exchange 2016. Exchange is a mail server designed by Microsoft, it is the professional version of Hotmail (Outlook). Environment An Active Di

Bitlocker : enable encryption with a TPM chip

IntroductionAdd a TPM chip to a Hyper-V virtual machine (optional)Check the presence of a TPM moduleActivate BitlockerConclusion Introduction In this tutorial, I will tell you how to activate Bitlocke