We are to deploy Workstation Lockout Policy in our whole organisation.
This will be done with Group Policy (GPO) located at:
User configuration\Administrative Templates\Control Panel\Display\...
We are to exclude certain workstations or machines from this policy so that
they do not lockout after a period of inactivity because they are monitoring
machines and their screens need to be displayed clearly at all times.
I have checked and it is done on the User Configuration of the GP Editor
and not on the Computer Configuration as I expected it to be?
When the user gets the GPO update and leaves their machine unattended for
15 mins or more, they will be prompted to login when they next attempt to
access the machine. This is actually the screen saver that does this. The
workstations/machines are mostly Windows XP ones.
The question is, since this is applied on the User Configuration\ container
how do I apply this so that the monitoring machines are excluded but all
other workstations get this GPO update?
I have a list of machines that need to be excluded plus a few user accounts.