Solved

Group Policy to lock specific idle computers

Posted on 2014-03-06
4
546 Views
Last Modified: 2014-04-07
How do I create a group policy that would lock several specific idle computers
0
Comment
Question by:exhuser
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 37

Expert Comment

by:Mahesh
ID: 39911605
Just follow PDF file in below article to achieve this

http://gallery.technet.microsoft.com/Lock-Computers-In-Domain-b7f03800

The file speaks itself instead of typing every thing here

Note: same settings can be applied to workgroup computers also with local group policy editor (gpedit.msc) to get them locked after certain period of inactivity

Mahesh
0
 
LVL 4

Assisted Solution

by:michaelalphi
michaelalphi earned 250 total points
ID: 39911638
Hi,
You can do this by following below steps :

1. Create a GPO for screen saver
2. Expand Policies -> Administrative Templates -> Control Panel -> Personalization
3. Enable screen saver
4. Screen saver executable name - scrnsave.scr
5. Enable password protect the screen saver, prevent changing the screensaver, and screen saver timeout 180 seconds
6. Then link it to your domain.
Please check this to gather more info : http://prajwaldesai.com/lock-computers-in-domain-via-group-policy/
0
 

Author Comment

by:exhuser
ID: 39912838
I don't want this to apply to all computers in the domain -- just several workstations.
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 250 total points
ID: 39913234
Create one global security group and add required computers to that group

You can apply your new policy to domain level

In GPMC click new GPO and select scope tab at right hand side and in security filtering, remove authenticated users and add above security group there

Now GPO will apply to only those computers in security group

Mahesh
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question