Terminal Services Idle Session Time Limit Settings

Mixed Terminal Services environment with 2003 and 2008 r2 servers.  Have set session time limits on each user's account in AD.  For example idle session time limit 30 minutes.  This works great on 2003 servers.  After 30 minutes idle it resets the connection, but on the 2008 servers it does not.  I have checked each servers RDP-Tcp properties and override user settings is not checked.  Have checked local group policy on 2008 r2 servers and no policies are set.  Any ideas why the server is not using the User Account Settings?
tparrettAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
MaheshConnect With a Mentor ArchitectCommented:
Instead of setting terminal settings on individual users, apply GPO to terminal servers

Create one OU
place all your terminal servers (2003 \ 2008 \ 2012) in that OU
Now place one GPO on this OU and set whatever GPO options you wanted in user configuration
Most of the Options can be found under user configuration\administrative templates\windows components\remote desktop services\remote desktop session host
However you can put other desktop restrictions as well from user configuration

Now enable GPO loop back processing in replace mode in same GPO under computer configuration\administrative templates\system\Group Policy

Note that use 2008 \ 2012 GPMC in order to get best results

Now no matter who will login on terminal servers, all restrictions will get enforced on all users

Mahesh.
0
 
tparrettAuthor Commented:
Not all users have the same terminal settings.  Some users are allowed unlimited time, others only 30 minutes.  Can I create groups and set GPO's based on group membership?
0
 
MaheshArchitectCommented:
As far as I know GPO needs to be enforced on terminal server computer object so that it will apply to every body who logs on to particular terminal server only

If you apply these setings on OU containing users or if you use security filtering to apply these settings on groups, then no matter which server user logon through RDP, it will apply those restrictions on all RDP sessions, which is not what you want, right ?

You may try, so that you will come to know what i mean
0
All Courses

From novice to tech pro — start learning today.