Group Policy Auto Log Off 2008 AD

We have a lot of users that will leave there computer for an extended amount of time to assist patients. After 10 minutes it will lock there computer, which then requires that user or an administrator to unlock the workstation. Unfortunately there are a lot of users in these area's and more often than not every computer is being used. This imposes a problem when a "normal" account try's to unlock the workstation that has been locked by another users account. What would be the best way to handle this issue? I have never enforced a GPO that would auto log off a user after X amount of minutes.. Would that be the best way to go? I really do not want to give administrator rights to anyone but my department. If the auto log off GPO is my best bet, does anyone know where in group policy i can enforce this?
Who is Participating?
On simple option is just to disable passwords on workstation screensavers.
This can be done through group Policy. Then a user can log off another user if theya re logged in and log on as themselves. Or use their login without having to know the other user's password.
Not sure if this will remove existing passwords but you could use a few of the group policies to reset the screen savers. They are all located here.
Under User Configuration - Policies - Adminsitrative Templates - Control Panel - Display

Alternatively, there is a third party solution called "Unlock Administrator". Use this link

Unfortunatley, there is no option to modify user rights to unlock screens with Group Policy. I thought there would be

Use the old "winexit.scr" sreeensaver workaround for doing this.

I am however struggling to find a copy specifically for Windows 2008, however all the MS forums say this is the way to go.
Radhakrishnan RSenior Technical LeadCommented:
You can do this by changing domain gpo.

Computer Configuration\Windows Settings
\Security Settings\Local Policies\Security
You have to set the ctrl alt del option or else disable it if not at all required.
I hope you have domain environment with AD.
castonincAuthor Commented:
We have the control alt delete option enabled already, and yes we are using AD. The issue is that after the user leaves the workstation for 10 or 15 minutes the workstation automatically locks its self. So then only that user or an administrator can unlock it!
I also found this. May be of use but I haven't tried it.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.