In this tutorial, we will see how to activate automatic session locking after a period of inactivity.
This group policy increases the level of security, because many users do not lock their session when they leave their workstation.
The parameters that we will configure apply to Users.
Activate automatic session lock
From a domain controller, open the Group Policy Management console, right click 1 on the OU where the policy should be applied and click on Create a GPO in this domain, and link it here < <2.
Name 1 the strategy and click OK 2.
Now the strategy has been added, right click on 1 and click on Edit 2.
Go to the User Configuration / Policies / Administrative Templates / Control Panel / Personalization location to access the parameters to configure.
Open the Enable setting the standby screen and activate 1.
Open the Screen saver timeout parameter, activate the 1 and configure the duration in seconds 2 of inactivated before locking.
Open the parameter Force a specific screen saver, activate the 1 and configure the following file: C: \ Windows \ System32 \ scrnsave.scr 2.
Open the parameter A password protects the screen saver and activate 1.
The settings for automatic session locking are configured.
Summary of the strategy:
When users have the policy applied, the session will be locked automatically after 15 minutes of inactivity.
On a very small number of users, it is possible that the session will lock after a shorter delay. I did not find the cause for this problem. To solve the problem, I recreated the session on the computer.