We have a lot of users that will leave there computer for an extended amount of time to assist patients. After 10 minutes it will lock there computer, which then requires that user or an administrator to unlock the workstation. Unfortunately there are a lot of users in these area's and more often than not every computer is being used. This imposes a problem when a "normal" account try's to unlock the workstation that has been locked by another users account. What would be the best way to handle this issue? I have never enforced a GPO that would auto log off a user after X amount of minutes.. Would that be the best way to go? I really do not want to give administrator rights to anyone but my department. If the auto log off GPO is my best bet, does anyone know where in group policy i can enforce this?