Lock RDS session

In our network the fatclient lock after some idle time. I need the same for our RDS server. I can see a GPO configured with settings below. It's linked to the OU with the user accounts.

How can i configure GPO so the RDS sessions will lock after some time?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Joshua GrantomSenior Systems AdministratorCommented:
You can create a GPO for your RDS servers and set the session limits.

Go to Computer Configurations > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Session Time Limits.

Set these to what you want and then apply the gpo to the OU that has the Terminal Servers in them.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SvenIAAuthor Commented:
Thanks for your reply Joshua. Will this logoff the sessions, or just lock em? And under scope, what do i configure under scope filtering? Leave it to authenticated user?
Joshua GrantomSenior Systems AdministratorCommented:
This will disconnect the sessions after the idle time, If you have it linked to the OU that the RDS servers are in you can either leave it at authenticated users or you can add each RDS server and remove Authenticated Users. (I would only do this if there are other machines in the OU that you do not want this applied to)

To allow it just to lock, your above policy should apply to any user in that OU even when they are logging into an RDS server. The issue could be that your screensavertimeout and the session timeout are the same so you do not actually see the session lock, it just disconnects.
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

SvenIAAuthor Commented:
I placed a GPO on the OU with the RDS server and configured session time out settings. It works great!

One more question. Can i exclude a few users from this policy somehow?
Joshua GrantomSenior Systems AdministratorCommented:
The GPO is applying based on the computer configuration so I believe  you cannot exclude any Users from it.
SvenIAAuthor Commented:
Thanks a lot for your help. Much appreciated!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.