Solved

How can I eliminate the new WIndows Desktop security screen (Win Server)?

Posted on 2015-02-12
11
68 Views
Last Modified: 2015-05-21
Since the latest round of Windows updates, many of our servers (2008 and 2012) are suddenly deploying a "desktop security screen" which requires a CAD and entering of logged in user's password.  The user is actually still logged into the machine, but the desktop is hidden behind this idiotic security screen.  

Power opt are all set to "never," and "use password on sleep mode", which itself is turned off, is also disabled.  Yet this persists, usually after 5/10/15 mins of inactivity.

How can I disable this unwanted behavior?

Thank you.
M
0
Comment
Question by:michaelheffernan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
11 Comments
 
LVL 13

Expert Comment

by:Rizzle
ID: 40606473
Hi M,

Could you post a screenshot for further investigation please?
0
 

Author Comment

by:michaelheffernan
ID: 40606526
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40606552
Hi Michael,

That screenshot looks normal to me. Is the other user logged in via RDP I'm assuming?

Our servers display that security message aswell.
0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 

Author Comment

by:michaelheffernan
ID: 40606566
There is no one logged in remotely.  

We use VNC internally, not RDP, since screens cannot be viewed by more then one person (with RDP).  Please notice that nothing is mentioned about anyone being logged in *remotely*, just that the administrator (who is normally logged in there for certain apps to function) is "logged in."

M
0
 

Author Comment

by:michaelheffernan
ID: 40606624
Here's another server; never, ever done this before...
securescreen.jpg
0
 

Author Comment

by:michaelheffernan
ID: 40606630
CAD gets this:  notice the word "locked"  This moronic behavior started with the latest MS updates this past week.
scrn.jpg
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 500 total points
ID: 40606660
Mike,

In all scenarios it looks like someone is logged into the clients/servers.

Try this as a test, someone login as the admin account and then log out and then see if someone can login ok,

Here's a GPO to change the timeout behaviour:

https://technet.microsoft.com/en-us/library/jj966265%28v=ws.10%29.aspx
0
 

Author Comment

by:michaelheffernan
ID: 40606682
Your suggestion is not clear to me.  Log into a server console as admin, then log out.  then log in again?   At the console or remotely or where?

I have already jiggled the local GPO according to suggestions I found online; they haven't been effective.  We don't apply domain GPO to the servers; too unreliable and disruptive.  I will look at your link, tho.

M
0
 
LVL 13

Accepted Solution

by:
Rizzle earned 500 total points
ID: 40606721
Login to the server via rdp or vnc using the administrator account. Once that's done log out and then let me know if that is ok.

I believe the only way to control this would be via a gpo but hopefully my link can help out with the interactive login side of things.

In our environment the screen you're getting would be seen when we open up our vsphere console to have a look at a server state.
0
 

Author Comment

by:michaelheffernan
ID: 40606760
Thank you for the assistance.  

My experience using RDP has always resulted in a console lock out screen that identified whoever was logged in remotely.  This is not that.  In addition, going in with VNC is transparent to Windows.  That always works, except CAD doesn't always function.

I have found yet another reference to this issue, altho naturally MS changed how this feature works between 2008 and '12, and applied it to the 2008 machine (registry change/a CP option magically appearing).  It seems to work with 2008.

Your link is applicable to 2012 (and Win8) only, so I will weigh that, but w/out applying domain GPO to the servers.  That would have the potential of making life really miserable.

M
0
 

Author Comment

by:michaelheffernan
ID: 40606868
Postscript: I believe I finally located the setting in WIn8/Win2012 server.  Under "Change what the power button does" for God knows whatever reason.  There are yet more boxes and radio dials that need unticking.  So far, that has been successful.
I'll wait til tomorrow. if this is the case, I will close this thread and split the points.
thanks again for the assistance.

Mike
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
File locked for editing 5 61
Software to shutdown Windows servers 4 65
Service not starting 6 82
Hard Drive -- temperature monitor ? 6 221
Problem: Windows 32bit running out of paging space. Solution: Add additional page files on separate partitions. Background: By default Windows creates only one page file on the partition you install Windows on. You may know that the maximu…
Determining the an SCCM package name from the Package ID
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question