Solved

Screensaver group policy issue

Posted on 2011-03-08
2
721 Views
Last Modified: 2012-06-22
Hello experts

I have an issue that is hopefully easy to resovle. I have a standard group policy applying to all staff whereby amongst many other things all staff get a screensaver set (Logon.scr) with a timeout of 15min and a force lock set so they have to enter their password to get back in (This was enforced by management recently). For a set of special staff who have complained I created a policy that is filtered to them only to bypass the password lock that seems to work well, but they are unable to adjust the screen saver properties since they are inheriting the other policy that sets the screen saver. How can I set it up so these people are able to have full control of screen saver settings ? Before anyone asks its not an option to make a new policy and target people for the locked screensaver only as opposed to the way ive been forced to try. Any help is greatly appreciated. Machine are all winxp sp3 and servers are 2008 r2
0
Comment
Question by:Porka
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 35080214
Move all the screen saver settings into their own GPO instead of the "all purpose" GPO, but still applied to all staff.
Then in the Delegation tab for the screen saver GPO, click the "Advanced" button, add the group that should not have the screen saver policy applied, and deny the "Apply Policy" permission.
0
 
LVL 6

Author Comment

by:Porka
ID: 35143893
Hi oBdA

Thanks for the quick response, exactly what I was after
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ADFS Help 7 48
Find enabled users in a OU 24 54
WIndows 2012 R2 Certificate Services 5 39
ADFS:  Allowing ActiveSync clients to use App Passwords 1 26
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question