By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Can I use Group Policy to lock all desktops in AD if end-users have not had any action in a period of time? And how can I do it? I checked over the Group Policy setting and could not find one for this.
You can use the "Screen Saver Timeout" policy setting which is found at User Configuration | Administrative Templates | Control Panel | Display | Screen Saver Timeout. However, this won't actually lock the system. To lock it, you need to have the "On resume, password protect" already set, or you can create an ADM template that does the same thing. The registry values you're after are here: HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaverActive set to 1.