I googled and also went to EE's http://www.experts-exchange.com/Security/Operating_Systems_Security/Windows/Q_21123311.html?sfQueryTermInfo=1+10+30+forc+log+out
However, did not find my specific answer. We are capturing login and logoff info; however, employees sometimes forget to log out. Our boss wants us to log them out after 2 hours of idle time. I went to active directory and selected "Disconnect from session" after two hours of idle time, but we still have the same problem. Should I have chosen "End session" instead or will that not actually log people out either? Thank you.