Lock RDS session

In our network the fatclient lock after some idle time. I need the same for our RDS server. I can see a GPO configured with settings below. It's linked to the OU with the user accounts.

How can i configure GPO so the RDS sessions will lock after some time?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Joshua GrantomSenior Systems AdministratorCommented:
You can create a GPO for your RDS servers and set the session limits.

Go to Computer Configurations > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Session Time Limits.

Set these to what you want and then apply the gpo to the OU that has the Terminal Servers in them.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SvenIAAuthor Commented:
Thanks for your reply Joshua. Will this logoff the sessions, or just lock em? And under scope, what do i configure under scope filtering? Leave it to authenticated user?
Joshua GrantomSenior Systems AdministratorCommented:
This will disconnect the sessions after the idle time, If you have it linked to the OU that the RDS servers are in you can either leave it at authenticated users or you can add each RDS server and remove Authenticated Users. (I would only do this if there are other machines in the OU that you do not want this applied to)

To allow it just to lock, your above policy should apply to any user in that OU even when they are logging into an RDS server. The issue could be that your screensavertimeout and the session timeout are the same so you do not actually see the session lock, it just disconnects.
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

SvenIAAuthor Commented:
I placed a GPO on the OU with the RDS server and configured session time out settings. It works great!

One more question. Can i exclude a few users from this policy somehow?
Joshua GrantomSenior Systems AdministratorCommented:
The GPO is applying based on the computer configuration so I believe  you cannot exclude any Users from it.
SvenIAAuthor Commented:
Thanks a lot for your help. Much appreciated!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.