How to create logoff policy in Group Policy Management

I'm trying to create a logoff policy as described here...
http://support.microsoft.com/?kbid=198642
However I am using the SBS 2003 Group Policy Management Console and the instructions for Windows 2000 don't seem relevant.
Where do I drill down in the GPMC in order to find and edit the logoff script?
Thanks.
ArkAdminAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Jerrod_WConnect With a Mentor Commented:
I use SBS as well. Under the GPMC, go to My Business -> Users -> SBSUsers.  Edit  the policy and go to  User Configuration -> Windows Settings -> Scripts. From there you can add the script that you want to run on user logoff.
0
 
sk_raja_rajaCommented:
1.If you want to do it by number of inactivity hours, then you must use the WinExit.scr Screen Saver... which CAN be configured by Group Policy.  http:Q_21566165.html

2.Here's another reference which is more specific to SBS:  http://msmvps.com/blogs/kwsupport/archive/2004/09/01/12709.aspx

3.to be a bit more specific, look at this comment:  http:Q_21566165.html#14913265

4.You can use the "loopback" processing of group policies for that.
a. In the "Public WS" OU, create a new GPO named, for example "Loopback"; check "deactivate userdefined configuration" (I'm not sure about the English name of that entry) in properties. Edit the GPO and enable: Computer Configuration - Administrative Templates - group policies - Activate Loopback mode for group policies (or similar; as I said, I don't use an English version, so check out the explanation tab if unsure). Set the mode to replace (or merge, whatever suits you better).
b. Now create your additional GPO(s) for your users in this OU; especially the screen saver setting ... If possible, check "deactivate computer configuration" in those. Important: Do *not* use the "Loopback" GPO to configure other settings. These GPOs will now only apply if the users logon to the public workstation. Depending on your loopback mode setting, your regular user GPOs will still apply, but they will be overridden by the settings defined in your "Public WS" GPO.
Note that you do (or "may") *not* need to put the users in (or below) the "Public WS" OU. New GPOs in that OU will be applied to *all* users logging on to that machine, even though those users are not in/below the public WS OU.
To exclude administrators, use the security group filtering. I'd recommend to do the following (for any GPO, not only the "Public WS"): For every GPO, create a global security group named, for example, GPol<GPO name> (*G*lobal *Pol*icy group for GPO <name>). Make the desired users member of this group. In the security settings for the GPO, remove the "Apply" and "Read" permission for the default "Authenticated Users", add it for the proper security group instead. That way you're pretty safe from surprises ...

Loopback Processing of Group Policy
http://support.microsoft.com/?kbid=231287

5.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.