Link to home
Start Free TrialLog in
Avatar of SvenIA
SvenIAFlag for Netherlands

asked on

Lock RDS session

In our network the fatclient lock after some idle time. I need the same for our RDS server. I can see a GPO configured with settings below. It's linked to the OU with the user accounts.

User generated image
How can i configure GPO so the RDS sessions will lock after some time?
Avatar of Joshua Grantom
Joshua Grantom
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of SvenIA


Thanks for your reply Joshua. Will this logoff the sessions, or just lock em? And under scope, what do i configure under scope filtering? Leave it to authenticated user?
This will disconnect the sessions after the idle time, If you have it linked to the OU that the RDS servers are in you can either leave it at authenticated users or you can add each RDS server and remove Authenticated Users. (I would only do this if there are other machines in the OU that you do not want this applied to)

To allow it just to lock, your above policy should apply to any user in that OU even when they are logging into an RDS server. The issue could be that your screensavertimeout and the session timeout are the same so you do not actually see the session lock, it just disconnects.
Avatar of SvenIA


I placed a GPO on the OU with the RDS server and configured session time out settings. It works great!

One more question. Can i exclude a few users from this policy somehow?
The GPO is applying based on the computer configuration so I believe  you cannot exclude any Users from it.
Avatar of SvenIA


Thanks a lot for your help. Much appreciated!