?
Solved

System Returns to Password Screen Lock after 10 MInutes

Posted on 2008-10-05
17
Medium Priority
?
2,574 Views
Last Modified: 2010-04-21
With all Terminal Server Sessions running on Wyse Terminals and after loggin in to the session with appropriate userid and password, the session returns to the password requires to unlock the computer after 10 minutes.  I have changed the idle timeout in both the terminal server configuration and Group Policy for the Group Policy Object (Terminal Server Users) to 1 day.  It still times out?
0
Comment
Question by:OrcasTech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
17 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 22647032
That setting is the SCREEN SAVER setting with "on resume, password protect" checked
0
 
LVL 1

Expert Comment

by:No1_Reggie
ID: 22648224
Depending on the particular WYSE terminal you are using - some of them have their own control panel which will start a screensaver - check on that but i think your issue is exactly what leew has described.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22653497
I am assuming you are talking about the windows screensaver ? Configuration\Administrative Templates\Control Panel\Display. The following sub-policies are the ones you are seeking:

Activate screensaver:

If you enable it, a screen saver will run provided the following two condtions hold: First, a valid screensaver on the client is specified via the "Screensaver executable name" policy or via Control Panel on the client computer. Second, the screensaver timeout is set to a nonzero value via the policy or Control Panel.

Password protect the screen saver:

Determines whether screen savers used on the computer are password protected.

If you enable this policy, all screen savers are password protected. If you disable this policy, password protection cannot be set on any screen saver.

This policy also disables the "Password protected" check box on the Screen Saver tab in Display in Control Panel, preventing users from changing the password protection setting.

If you do not configure this policy, users can choose whether or not to set password protection on each screen saver.

This policy is used only when a screen saver is specified for the computer. To specify a screen saver on a computer, in Control Panel, double-click Display, and then click the Screen Saver tab. To specify a screen saver in a policy, use the "Screen saver executable name" policy.

Note: To remove the Screen Saver tab, use the "Hide Screen Saver tab" policy.

Screen saver time out:

Specifies how much user idle time must elapse before the screen saver is launched.

When configured, this idle time can be set from a minimum of 1 second to a maximum of 86400 seconds, or 24 hours. If set to zero, the screen saver will not be launched.

This policy has no effect under any of the following circumstances:

- The policy is disabled or not configured.
- The wait time is set to zero.
- The "Activate screen saver" policy is disabled.
- Neither the "Screen saver executable name" policy nor the Screen Saver tab of the client computer's Display Properties dialog box specifies a valid, existing screensaver program on the client.

When not configured, whatever wait time is set on the client through the Screen Saver tab of the Display Properties dialog box is used. The default is 15 minutes.

Hide Screen Saver Tab:

Removes the Screen Saver tab from Display in Control Panel.

This policy prevents users from using Control Panel to add, configure, or change the screen saver on the computer.


also after changing the policy it will take time to propegate unless you force the policy
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 

Author Comment

by:OrcasTech
ID: 22664318
None of the Group Policies sited are enabled and Windows "password protect" is not checked?
The message on the screen is as follows:
Windows Server 2003 Standard Edition
This Computer is in use and has been locked.
Only USERID (ACCOUNT NAME) or an administrator
can unlock this computer.  The same message one gets when locking your computer using CTRL-ALT-DEL.  It occurs after 10 minutes of idle time.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22664355
1.Can you run RSOP.msc on that machine and post the results....it should be group policy if not check for any local policy settings on that local machine...run GPEDIT.msc
2.Check your group policy settings.  You may have a group policy that locks the workstation after a set period of inactivity.

User Configuration\Administrative Templates\Control Panel\Display

Screen Saver, Screen Saver executable name (optional), Screen Saver
timeout and Password Protect the Screen Saver.

That will activate the screensaver after some minutes and will prompt the user for the password
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22664360
0
 

Author Comment

by:OrcasTech
ID: 22665463
When I run RSOP, a only GP that might be the problem is "Microsoft Network Server: Amount of idle time required before suspending a session" is set to 15 minutes.  Should I change that GP?
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22665499
but in your question you said 10mins????can you reconfirm it ? if it takes 15 mins to lock then its got to be the group policy...you need to change it
0
 

Author Comment

by:OrcasTech
ID: 22665956
I didn't time it exactly.  It was more than 10 minutes.  I didn't think it went 15 minutes.  Would you suugest that I change it anyway?
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22666233
you can try to change the settings on the group policy and run gpupdate /force.
Restart the workstation and check now
0
 

Author Comment

by:OrcasTech
ID: 22671385
That did not work.  I timed it this time and it was 10 minutes and 3 seconds.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22671674
where did you change the settings..in the group policy or the local policy ?
do you have any other gp with same policy settings?
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22671678
try to change in the local mahcine policy (run gpedit.msc) and check...
0
 

Author Comment

by:OrcasTech
ID: 22672069
Group Policy.  There are no other groups with the same policy.   I ran gpedit.msc on the server it is OK, too.
0
 
LVL 18

Accepted Solution

by:
sk_raja_raja earned 375 total points
ID: 22672104
what do you mean by ok here? does it have 10 min settings ?
Change it to 20 or 25 mins on a workstation and see.... i am sure the culprit is the group policy...if it works fine in the workstation probably you should change it again in domain group policy and apply it to all machines and restart the machine.... in simple if the settings in gp is 10 mins it is going to be 10 mins on all workstations..right...
0
 

Author Comment

by:OrcasTech
ID: 22672207
I can find no policy or configuration where the settings are 10 minutes.  The Microsoft Network Server Policy defaults to 15 minutes.  That was changed to 30 minutes and the screen still locked after 10 minutes.
0
 

Author Closing Comment

by:OrcasTech
ID: 31503291
Understanding all the Group policies that can cause the problem is the key.  I just kept looking at Group Policies, experimenting with changes and finally the problem went away.  I am not sure which change or changes solved the problem.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question