[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Different group policy setting for external vs internal users

Posted on 2011-10-04
9
Medium Priority
?
586 Views
Last Modified: 2012-05-12
Hi Experts,

We have a policy setting that enables screen saver after 10 minutes.
A lot of the users are complaining about this time and I am wondering if its possible to apply a different policy which allows more time before the screensaver locks the computer if the computer is connected to the LAN vs. if the computer is being used outside the network.

Any suggestions?
0
Comment
Question by:nebb-sbt
  • 5
  • 3
9 Comments
 
LVL 7

Expert Comment

by:celazkon
ID: 36908700
If you know WHICH computers are the external ones, I would recomend to create an OU for these external computers, and move the AD external computer objects to this OU. Then create a GPO, set up the screensaver preferences and link it to the OU.
0
 

Author Comment

by:nebb-sbt
ID: 36908717
Well, that is the problem.
Most of our employees are both working internal and outside the organization - at clients and etc.
I need something dynamic that will decide whether or not the client is located on our LAN.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 1500 total points
ID: 36909272
Hi,

When they log on externally do you mean they don't logon to domain? or do they logon to domain but using external network.

There is a way to achieve that but you need to use either wsh(batch) or vbscript. The logic goes like this. Check for internal IP addres, if matches then do not make change to the registry, else make change to the registry that controls screensaver time out settings.

Regards,
v-2nas
exchangeadtech.wordpress.com
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:nebb-sbt
ID: 36909288
Are you suggesting we use a login script to check that or .. ?
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 36909299
yes. You would need that but does clients logon to domain when connecting via external network.
0
 

Author Comment

by:nebb-sbt
ID: 36909438
We have a on-demand VPN for file access and etc, but its not normally used.
Use of login script wouldnt be very effective if the user hibernates his computer before running to a client meeting.
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 36909846
Ok,

See if users are logged in on internal network, unplug their babies, hibernate them and go outside turn them on and logged on using cached creds then internal policies will remain in effect otherwise if they login to domain via external network then they will get update based on login script,

Regards,
Navdeep
0
 

Author Comment

by:nebb-sbt
ID: 36923467
The logon script will not fulfill what I wanted,
but I'll accept your answer as a alternative solution.

Thanks Navdeep
0
 

Author Closing Comment

by:nebb-sbt
ID: 36923471
Partially complete solution - did not solve my problem
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question