Windows 7 not locking after set period of time even though set in Server 2003 GPO

We have an SBS 2003 domain. I have a GPO that is called 'lockup'. In it, the following user configuration options have been set:-

Screen Saver - Enabled
Screen Saver Executable - %windir%\system32\rundll32.exe user32.dll,LockWorkStation
Password Protect on resume - Enabled
Screen Saver Timeout - 300

This GPO is set at the domain level, and is limited to the MYDOMAIN\Lockup group only.

I have a Windows 7 notebook on the domain with the primary user as a member of the MYDOMAIN\Lockup group, but the laptop does NOT lock after 5 minutes as I would hope.

I have run RSoP against his account on his machine, and I can see that the settings of my policy 'appear' to be in effect, but it just doesn't work.

The policy is enforced, and no other policies are overriding these settings.

Any ideas please?
LVL 17
Chris MillardAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brad GrouxSenior Manager (Wintel Engineering)Commented:
Verify that the BIOS levels on the machine in question are up to date.

Also, insure that even though the GPO is enforced, do a gpupdate /force from the command line and then a gpresults to insure it is being applied.

If it is being applied, then verify that the registry setting is being changed in the registry.

1. Open regedit
2. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
- If System key doesn't exist, create it
3. Verify and/or create a DWORD 32-bit value and name it to DisableLockWorkstation
4. Edit DisableLockWorkstation and enter 0 for Value data:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Chris MillardAuthor Commented:
Hi Brad,  

I can't check the BIOS until Monday, but the other things you mentioned have already been done.

Hypercat (Deb)Commented:
Not all settings in the Windows 2003 version of group policies will work with Windows 7.  Windows 7 uses a newer version of group policies.  If you're going to have more Windows 7 machines on your domain with a Windows 2003 server, you'll want to set your Windows 7 policies locally on one Windows 7 machine and then upload the Windows\PolicyDefinitions folder from that machine to your server. Then you would need to manage them from the GPMC installed on a Windows 7 workstation, not the server.  If you're just going to have this one Windows 7 machine on the domain, set the policy locally on that machine.
We recently had a machine with the same behaviour. All other machines abided by the policy, just this one wouldnt. Ultimately I found that the idle timer on this computer was never incrementing past 0.  I used an idle time viewer similar to .  Turns out the driver for our mouse was not installed and was causing the idle timer issue.
Chris MillardAuthor Commented:
Updating the BIOS has resolved this issue. I don't claim to understand why though!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.