We have an SBS 2003 domain. I have a GPO that is called 'lockup'. In it, the following user configuration options have been set:-
Screen Saver - Enabled
Screen Saver Executable - %windir%\system32\rundll32.exe user32.dll,LockWorkStation
Password Protect on resume - Enabled
Screen Saver Timeout - 300
This GPO is set at the domain level, and is limited to the MYDOMAIN\Lockup group only.
I have a Windows 7 notebook on the domain with the primary user as a member of the MYDOMAIN\Lockup group, but the laptop does NOT lock after 5 minutes as I would hope.
I have run RSoP against his account on his machine, and I can see that the settings of my policy 'appear' to be in effect, but it just doesn't work.
The policy is enforced, and no other policies are overriding these settings.
Any ideas please?