Failure Audit 530 with Force Logoff in GP

I have an account logon time restriction violation in my security event log. I have in place a group policy that will log the user off if they are logged in within the time resriction. The event ID is 530 under security as the source. I have read that if the user is logged into outlook when they are forced log off then this may cause the event in the security log. It happens multiple time a minute per user that has the failure audit. Im not sure if that is what's causing my failure audits, but let me know what you all think.
compguy101101Asked:
Who is Participating?
 
stronglineConnect With a Mentor Commented:
then you have to disable the account logon auditing completely, which is probably not what you want.

account logon auditing setting can be changed in Default Domain *Controller* Policy.
0
 
stronglineCommented:
yes that is correct. 530 will be generated only when time restriction is violated.
0
 
compguy101101Author Commented:
Well I am still trying to figure out what to change so that I don't receive the 530 error. If you have an idea on that it would be helpful. I want to force the log off of the user which I already have set. But it does not seem to work or either because they are in Outlook they are forced to logg off so it see's them as logged in.
0
 
compguy101101Author Commented:
Yes that is not what I want to do. I want to make it to where when the user is forced to log off then Everything is closed, their profile is logged off completely and I don't receive the 530 error.
0
 
Computer101Commented:
Forced accept.

Computer101
EE Admin
0
All Courses

From novice to tech pro — start learning today.