Solved

How can I eliminate the new WIndows Desktop security screen (Win Server)?

Posted on 2015-02-12
11
62 Views
Last Modified: 2015-05-21
Since the latest round of Windows updates, many of our servers (2008 and 2012) are suddenly deploying a "desktop security screen" which requires a CAD and entering of logged in user's password.  The user is actually still logged into the machine, but the desktop is hidden behind this idiotic security screen.  

Power opt are all set to "never," and "use password on sleep mode", which itself is turned off, is also disabled.  Yet this persists, usually after 5/10/15 mins of inactivity.

How can I disable this unwanted behavior?

Thank you.
M
0
Comment
Question by:michaelheffernan
  • 7
  • 4
11 Comments
 
LVL 13

Expert Comment

by:Rizzle
ID: 40606473
Hi M,

Could you post a screenshot for further investigation please?
0
 

Author Comment

by:michaelheffernan
ID: 40606526
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40606552
Hi Michael,

That screenshot looks normal to me. Is the other user logged in via RDP I'm assuming?

Our servers display that security message aswell.
0
 

Author Comment

by:michaelheffernan
ID: 40606566
There is no one logged in remotely.  

We use VNC internally, not RDP, since screens cannot be viewed by more then one person (with RDP).  Please notice that nothing is mentioned about anyone being logged in *remotely*, just that the administrator (who is normally logged in there for certain apps to function) is "logged in."

M
0
 

Author Comment

by:michaelheffernan
ID: 40606624
Here's another server; never, ever done this before...
securescreen.jpg
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:michaelheffernan
ID: 40606630
CAD gets this:  notice the word "locked"  This moronic behavior started with the latest MS updates this past week.
scrn.jpg
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 500 total points
ID: 40606660
Mike,

In all scenarios it looks like someone is logged into the clients/servers.

Try this as a test, someone login as the admin account and then log out and then see if someone can login ok,

Here's a GPO to change the timeout behaviour:

https://technet.microsoft.com/en-us/library/jj966265%28v=ws.10%29.aspx
0
 

Author Comment

by:michaelheffernan
ID: 40606682
Your suggestion is not clear to me.  Log into a server console as admin, then log out.  then log in again?   At the console or remotely or where?

I have already jiggled the local GPO according to suggestions I found online; they haven't been effective.  We don't apply domain GPO to the servers; too unreliable and disruptive.  I will look at your link, tho.

M
0
 
LVL 13

Accepted Solution

by:
Rizzle earned 500 total points
ID: 40606721
Login to the server via rdp or vnc using the administrator account. Once that's done log out and then let me know if that is ok.

I believe the only way to control this would be via a gpo but hopefully my link can help out with the interactive login side of things.

In our environment the screen you're getting would be seen when we open up our vsphere console to have a look at a server state.
0
 

Author Comment

by:michaelheffernan
ID: 40606760
Thank you for the assistance.  

My experience using RDP has always resulted in a console lock out screen that identified whoever was logged in remotely.  This is not that.  In addition, going in with VNC is transparent to Windows.  That always works, except CAD doesn't always function.

I have found yet another reference to this issue, altho naturally MS changed how this feature works between 2008 and '12, and applied it to the 2008 machine (registry change/a CP option magically appearing).  It seems to work with 2008.

Your link is applicable to 2012 (and Win8) only, so I will weigh that, but w/out applying domain GPO to the servers.  That would have the potential of making life really miserable.

M
0
 

Author Comment

by:michaelheffernan
ID: 40606868
Postscript: I believe I finally located the setting in WIn8/Win2012 server.  Under "Change what the power button does" for God knows whatever reason.  There are yet more boxes and radio dials that need unticking.  So far, that has been successful.
I'll wait til tomorrow. if this is the case, I will close this thread and split the points.
thanks again for the assistance.

Mike
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Problem: Windows 32bit running out of paging space. Solution: Add additional page files on separate partitions. Background: By default Windows creates only one page file on the partition you install Windows on. You may know that the maximu…
If, like me, you have a lot of Dell servers in the estate you manage this article should save you a little time. When attempting to login to iDrac on any server I would be presented with two errors. The first reads "Do you want to run this applicati…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now