Avatar of SvenIA
SvenIA
Flag for Netherlands asked on

Lock RDS session

In our network the fatclient lock after some idle time. I need the same for our RDS server. I can see a GPO configured with settings below. It's linked to the OU with the user accounts.

GPO
How can i configure GPO so the RDS sessions will lock after some time?
Windows Server 2012Active Directory

Avatar of undefined
Last Comment
SvenIA

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Joshua Grantom

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SvenIA

ASKER
Thanks for your reply Joshua. Will this logoff the sessions, or just lock em? And under scope, what do i configure under scope filtering? Leave it to authenticated user?
Joshua Grantom

This will disconnect the sessions after the idle time, If you have it linked to the OU that the RDS servers are in you can either leave it at authenticated users or you can add each RDS server and remove Authenticated Users. (I would only do this if there are other machines in the OU that you do not want this applied to)

To allow it just to lock, your above policy should apply to any user in that OU even when they are logging into an RDS server. The issue could be that your screensavertimeout and the session timeout are the same so you do not actually see the session lock, it just disconnects.
SvenIA

ASKER
I placed a GPO on the OU with the RDS server and configured session time out settings. It works great!

One more question. Can i exclude a few users from this policy somehow?
Your help has saved me hundreds of hours of internet surfing.
fblack61
Joshua Grantom

The GPO is applying based on the computer configuration so I believe  you cannot exclude any Users from it.
SvenIA

ASKER
Thanks a lot for your help. Much appreciated!