By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Can I use Group Policy to lock all desktops in AD if end-users have not had any action in a period of time? And how can I do it? I checked over the Group Policy setting and could not find one for this.
You can use the "Screen Saver Timeout" policy setting which is found at User Configuration | Administrative Templates | Control Panel | Display | Screen Saver Timeout. However, this won't actually lock the system. To lock it, you need to have the "On resume, password protect" already set, or you can create an ADM template that does the same thing. The registry values you're after are here: HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaverActive set to 1.