Different group policy setting for external vs internal users

Hi Experts,

We have a policy setting that enables screen saver after 10 minutes.
A lot of the users are complaining about this time and I am wondering if its possible to apply a different policy which allows more time before the screensaver locks the computer if the computer is connected to the LAN vs. if the computer is being used outside the network.

Any suggestions?
nebb-sbtAsked:
Who is Participating?
 
NavdeepCommented:
Hi,

When they log on externally do you mean they don't logon to domain? or do they logon to domain but using external network.

There is a way to achieve that but you need to use either wsh(batch) or vbscript. The logic goes like this. Check for internal IP addres, if matches then do not make change to the registry, else make change to the registry that controls screensaver time out settings.

Regards,
v-2nas
exchangeadtech.wordpress.com
0
 
celazkonCommented:
If you know WHICH computers are the external ones, I would recomend to create an OU for these external computers, and move the AD external computer objects to this OU. Then create a GPO, set up the screensaver preferences and link it to the OU.
0
 
nebb-sbtAuthor Commented:
Well, that is the problem.
Most of our employees are both working internal and outside the organization - at clients and etc.
I need something dynamic that will decide whether or not the client is located on our LAN.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
nebb-sbtAuthor Commented:
Are you suggesting we use a login script to check that or .. ?
0
 
NavdeepCommented:
yes. You would need that but does clients logon to domain when connecting via external network.
0
 
nebb-sbtAuthor Commented:
We have a on-demand VPN for file access and etc, but its not normally used.
Use of login script wouldnt be very effective if the user hibernates his computer before running to a client meeting.
0
 
NavdeepCommented:
Ok,

See if users are logged in on internal network, unplug their babies, hibernate them and go outside turn them on and logged on using cached creds then internal policies will remain in effect otherwise if they login to domain via external network then they will get update based on login script,

Regards,
Navdeep
0
 
nebb-sbtAuthor Commented:
The logon script will not fulfill what I wanted,
but I'll accept your answer as a alternative solution.

Thanks Navdeep
0
 
nebb-sbtAuthor Commented:
Partially complete solution - did not solve my problem
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.