Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2586
  • Last Modified:

System Returns to Password Screen Lock after 10 MInutes

With all Terminal Server Sessions running on Wyse Terminals and after loggin in to the session with appropriate userid and password, the session returns to the password requires to unlock the computer after 10 minutes.  I have changed the idle timeout in both the terminal server configuration and Group Policy for the Group Policy Object (Terminal Server Users) to 1 day.  It still times out?
0
OrcasTech
Asked:
OrcasTech
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
That setting is the SCREEN SAVER setting with "on resume, password protect" checked
0
 
No1_ReggieCommented:
Depending on the particular WYSE terminal you are using - some of them have their own control panel which will start a screensaver - check on that but i think your issue is exactly what leew has described.
0
 
sk_raja_rajaCommented:
I am assuming you are talking about the windows screensaver ? Configuration\Administrative Templates\Control Panel\Display. The following sub-policies are the ones you are seeking:

Activate screensaver:

If you enable it, a screen saver will run provided the following two condtions hold: First, a valid screensaver on the client is specified via the "Screensaver executable name" policy or via Control Panel on the client computer. Second, the screensaver timeout is set to a nonzero value via the policy or Control Panel.

Password protect the screen saver:

Determines whether screen savers used on the computer are password protected.

If you enable this policy, all screen savers are password protected. If you disable this policy, password protection cannot be set on any screen saver.

This policy also disables the "Password protected" check box on the Screen Saver tab in Display in Control Panel, preventing users from changing the password protection setting.

If you do not configure this policy, users can choose whether or not to set password protection on each screen saver.

This policy is used only when a screen saver is specified for the computer. To specify a screen saver on a computer, in Control Panel, double-click Display, and then click the Screen Saver tab. To specify a screen saver in a policy, use the "Screen saver executable name" policy.

Note: To remove the Screen Saver tab, use the "Hide Screen Saver tab" policy.

Screen saver time out:

Specifies how much user idle time must elapse before the screen saver is launched.

When configured, this idle time can be set from a minimum of 1 second to a maximum of 86400 seconds, or 24 hours. If set to zero, the screen saver will not be launched.

This policy has no effect under any of the following circumstances:

- The policy is disabled or not configured.
- The wait time is set to zero.
- The "Activate screen saver" policy is disabled.
- Neither the "Screen saver executable name" policy nor the Screen Saver tab of the client computer's Display Properties dialog box specifies a valid, existing screensaver program on the client.

When not configured, whatever wait time is set on the client through the Screen Saver tab of the Display Properties dialog box is used. The default is 15 minutes.

Hide Screen Saver Tab:

Removes the Screen Saver tab from Display in Control Panel.

This policy prevents users from using Control Panel to add, configure, or change the screen saver on the computer.


also after changing the policy it will take time to propegate unless you force the policy
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
OrcasTechAuthor Commented:
None of the Group Policies sited are enabled and Windows "password protect" is not checked?
The message on the screen is as follows:
Windows Server 2003 Standard Edition
This Computer is in use and has been locked.
Only USERID (ACCOUNT NAME) or an administrator
can unlock this computer.  The same message one gets when locking your computer using CTRL-ALT-DEL.  It occurs after 10 minutes of idle time.
0
 
sk_raja_rajaCommented:
1.Can you run RSOP.msc on that machine and post the results....it should be group policy if not check for any local policy settings on that local machine...run GPEDIT.msc
2.Check your group policy settings.  You may have a group policy that locks the workstation after a set period of inactivity.

User Configuration\Administrative Templates\Control Panel\Display

Screen Saver, Screen Saver executable name (optional), Screen Saver
timeout and Password Protect the Screen Saver.

That will activate the screensaver after some minutes and will prompt the user for the password
0
 
sk_raja_rajaCommented:
0
 
OrcasTechAuthor Commented:
When I run RSOP, a only GP that might be the problem is "Microsoft Network Server: Amount of idle time required before suspending a session" is set to 15 minutes.  Should I change that GP?
0
 
sk_raja_rajaCommented:
but in your question you said 10mins????can you reconfirm it ? if it takes 15 mins to lock then its got to be the group policy...you need to change it
0
 
OrcasTechAuthor Commented:
I didn't time it exactly.  It was more than 10 minutes.  I didn't think it went 15 minutes.  Would you suugest that I change it anyway?
0
 
sk_raja_rajaCommented:
you can try to change the settings on the group policy and run gpupdate /force.
Restart the workstation and check now
0
 
OrcasTechAuthor Commented:
That did not work.  I timed it this time and it was 10 minutes and 3 seconds.
0
 
sk_raja_rajaCommented:
where did you change the settings..in the group policy or the local policy ?
do you have any other gp with same policy settings?
0
 
sk_raja_rajaCommented:
try to change in the local mahcine policy (run gpedit.msc) and check...
0
 
OrcasTechAuthor Commented:
Group Policy.  There are no other groups with the same policy.   I ran gpedit.msc on the server it is OK, too.
0
 
sk_raja_rajaCommented:
what do you mean by ok here? does it have 10 min settings ?
Change it to 20 or 25 mins on a workstation and see.... i am sure the culprit is the group policy...if it works fine in the workstation probably you should change it again in domain group policy and apply it to all machines and restart the machine.... in simple if the settings in gp is 10 mins it is going to be 10 mins on all workstations..right...
0
 
OrcasTechAuthor Commented:
I can find no policy or configuration where the settings are 10 minutes.  The Microsoft Network Server Policy defaults to 15 minutes.  That was changed to 30 minutes and the screen still locked after 10 minutes.
0
 
OrcasTechAuthor Commented:
Understanding all the Group policies that can cause the problem is the key.  I just kept looking at Group Policies, experimenting with changes and finally the problem went away.  I am not sure which change or changes solved the problem.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now