I have a screen saver USER timeout set on default domain policy to 15min. This is inherited and applies to all users.
User accounts are in Staff OU
Workstation accounts are in Workstation OU
Server accounts are in Server OU
I want to set a different timeout to the same staff but to apply to servers only.
So when they login to their workstation its 15min, but same user on a server its 30min.
The issue here is that the timeout is a USER setting so putting it on my server group policy does not work because the users are not located in that OU, only server computer accounts are.
Putting it in the staff OU will apply to all staff but to all computers that staff logs into, workstation and server.
This is pointless since I already have it in default group policy and I don't want this.
unlike preferences this gpo setting doesn't have item level targeting.
So how do I enforce 2 different user settings to all users but on 2 different computer types?
1.The most common issue seen with Group Policy is a setting not being applied. The first place to check is the Scope Tab on the Group Policy Object (GPO). If you are configuring a computer side setting, make sure the GPO is linked to the Organization Unit (OU) that contains the computer. If the GPO configures a user side setting, it needs to be linked to the OU containing the correct user. Remember, GPOs cannot be linked to an OU that just contains security groups. You can use this PowerShell script to optimize your GPO links and ensure that they are properly linked.
DCs are all win 2012, pcs are win 7, servers are 2008R2 and 2012.