Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Lock RDS session

Posted on 2014-11-21
6
Medium Priority
?
297 Views
Last Modified: 2014-12-02
In our network the fatclient lock after some idle time. I need the same for our RDS server. I can see a GPO configured with settings below. It's linked to the OU with the user accounts.

GPO
How can i configure GPO so the RDS sessions will lock after some time?
0
Comment
Question by:SvenIA
  • 3
  • 3
6 Comments
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 2000 total points
ID: 40457485
You can create a GPO for your RDS servers and set the session limits.

Go to Computer Configurations > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Session Time Limits.

Set these to what you want and then apply the gpo to the OU that has the Terminal Servers in them.
0
 
LVL 7

Author Comment

by:SvenIA
ID: 40457510
Thanks for your reply Joshua. Will this logoff the sessions, or just lock em? And under scope, what do i configure under scope filtering? Leave it to authenticated user?
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40457544
This will disconnect the sessions after the idle time, If you have it linked to the OU that the RDS servers are in you can either leave it at authenticated users or you can add each RDS server and remove Authenticated Users. (I would only do this if there are other machines in the OU that you do not want this applied to)

To allow it just to lock, your above policy should apply to any user in that OU even when they are logging into an RDS server. The issue could be that your screensavertimeout and the session timeout are the same so you do not actually see the session lock, it just disconnects.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 7

Author Comment

by:SvenIA
ID: 40470444
I placed a GPO on the OU with the RDS server and configured session time out settings. It works great!

One more question. Can i exclude a few users from this policy somehow?
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40473839
The GPO is applying based on the computer configuration so I believe  you cannot exclude any Users from it.
0
 
LVL 7

Author Closing Comment

by:SvenIA
ID: 40475652
Thanks a lot for your help. Much appreciated!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question