I am running Active Directory on Windows 2003 domain controllers in native mode. I need to force my users to log off every night. Now I know there is a LOGON HOUR policy but I do not want to restrict them for a whole hour. I just need them to log out and back on so that any new login scripts would be applied to them. I dont like users staying logged in for weeks at a time and only locking their keyboards. Now one thing about this .... I do not want to do this with a script that runs on every single pc or have to run a shutdown command from a remote computer against every computer. The WinExit scr will not work for me either. I want users to be able to use whatever screen saver they want. This needs to be controlled centrally somehow. Any ideas on how to accomplish this. I cant believe MS only allows you to block a user for one hour incements. So... how can I force a logoff?