Solved

System Returns to Password Screen Lock after 10 MInutes

Posted on 2008-10-05
17
2,565 Views
Last Modified: 2010-04-21
With all Terminal Server Sessions running on Wyse Terminals and after loggin in to the session with appropriate userid and password, the session returns to the password requires to unlock the computer after 10 minutes.  I have changed the idle timeout in both the terminal server configuration and Group Policy for the Group Policy Object (Terminal Server Users) to 1 day.  It still times out?
0
Comment
Question by:OrcasTech
17 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 22647032
That setting is the SCREEN SAVER setting with "on resume, password protect" checked
0
 
LVL 1

Expert Comment

by:No1_Reggie
ID: 22648224
Depending on the particular WYSE terminal you are using - some of them have their own control panel which will start a screensaver - check on that but i think your issue is exactly what leew has described.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22653497
I am assuming you are talking about the windows screensaver ? Configuration\Administrative Templates\Control Panel\Display. The following sub-policies are the ones you are seeking:

Activate screensaver:

If you enable it, a screen saver will run provided the following two condtions hold: First, a valid screensaver on the client is specified via the "Screensaver executable name" policy or via Control Panel on the client computer. Second, the screensaver timeout is set to a nonzero value via the policy or Control Panel.

Password protect the screen saver:

Determines whether screen savers used on the computer are password protected.

If you enable this policy, all screen savers are password protected. If you disable this policy, password protection cannot be set on any screen saver.

This policy also disables the "Password protected" check box on the Screen Saver tab in Display in Control Panel, preventing users from changing the password protection setting.

If you do not configure this policy, users can choose whether or not to set password protection on each screen saver.

This policy is used only when a screen saver is specified for the computer. To specify a screen saver on a computer, in Control Panel, double-click Display, and then click the Screen Saver tab. To specify a screen saver in a policy, use the "Screen saver executable name" policy.

Note: To remove the Screen Saver tab, use the "Hide Screen Saver tab" policy.

Screen saver time out:

Specifies how much user idle time must elapse before the screen saver is launched.

When configured, this idle time can be set from a minimum of 1 second to a maximum of 86400 seconds, or 24 hours. If set to zero, the screen saver will not be launched.

This policy has no effect under any of the following circumstances:

- The policy is disabled or not configured.
- The wait time is set to zero.
- The "Activate screen saver" policy is disabled.
- Neither the "Screen saver executable name" policy nor the Screen Saver tab of the client computer's Display Properties dialog box specifies a valid, existing screensaver program on the client.

When not configured, whatever wait time is set on the client through the Screen Saver tab of the Display Properties dialog box is used. The default is 15 minutes.

Hide Screen Saver Tab:

Removes the Screen Saver tab from Display in Control Panel.

This policy prevents users from using Control Panel to add, configure, or change the screen saver on the computer.


also after changing the policy it will take time to propegate unless you force the policy
0
 

Author Comment

by:OrcasTech
ID: 22664318
None of the Group Policies sited are enabled and Windows "password protect" is not checked?
The message on the screen is as follows:
Windows Server 2003 Standard Edition
This Computer is in use and has been locked.
Only USERID (ACCOUNT NAME) or an administrator
can unlock this computer.  The same message one gets when locking your computer using CTRL-ALT-DEL.  It occurs after 10 minutes of idle time.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22664355
1.Can you run RSOP.msc on that machine and post the results....it should be group policy if not check for any local policy settings on that local machine...run GPEDIT.msc
2.Check your group policy settings.  You may have a group policy that locks the workstation after a set period of inactivity.

User Configuration\Administrative Templates\Control Panel\Display

Screen Saver, Screen Saver executable name (optional), Screen Saver
timeout and Password Protect the Screen Saver.

That will activate the screensaver after some minutes and will prompt the user for the password
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22664360
0
 

Author Comment

by:OrcasTech
ID: 22665463
When I run RSOP, a only GP that might be the problem is "Microsoft Network Server: Amount of idle time required before suspending a session" is set to 15 minutes.  Should I change that GP?
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22665499
but in your question you said 10mins????can you reconfirm it ? if it takes 15 mins to lock then its got to be the group policy...you need to change it
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:OrcasTech
ID: 22665956
I didn't time it exactly.  It was more than 10 minutes.  I didn't think it went 15 minutes.  Would you suugest that I change it anyway?
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22666233
you can try to change the settings on the group policy and run gpupdate /force.
Restart the workstation and check now
0
 

Author Comment

by:OrcasTech
ID: 22671385
That did not work.  I timed it this time and it was 10 minutes and 3 seconds.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22671674
where did you change the settings..in the group policy or the local policy ?
do you have any other gp with same policy settings?
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22671678
try to change in the local mahcine policy (run gpedit.msc) and check...
0
 

Author Comment

by:OrcasTech
ID: 22672069
Group Policy.  There are no other groups with the same policy.   I ran gpedit.msc on the server it is OK, too.
0
 
LVL 18

Accepted Solution

by:
sk_raja_raja earned 125 total points
ID: 22672104
what do you mean by ok here? does it have 10 min settings ?
Change it to 20 or 25 mins on a workstation and see.... i am sure the culprit is the group policy...if it works fine in the workstation probably you should change it again in domain group policy and apply it to all machines and restart the machine.... in simple if the settings in gp is 10 mins it is going to be 10 mins on all workstations..right...
0
 

Author Comment

by:OrcasTech
ID: 22672207
I can find no policy or configuration where the settings are 10 minutes.  The Microsoft Network Server Policy defaults to 15 minutes.  That was changed to 30 minutes and the screen still locked after 10 minutes.
0
 

Author Closing Comment

by:OrcasTech
ID: 31503291
Understanding all the Group policies that can cause the problem is the key.  I just kept looking at Group Policies, experimenting with changes and finally the problem went away.  I am not sure which change or changes solved the problem.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now