Solved

How can I eliminate the new WIndows Desktop security screen (Win Server)?

Posted on 2015-02-12
11
66 Views
Last Modified: 2015-05-21
Since the latest round of Windows updates, many of our servers (2008 and 2012) are suddenly deploying a "desktop security screen" which requires a CAD and entering of logged in user's password.  The user is actually still logged into the machine, but the desktop is hidden behind this idiotic security screen.  

Power opt are all set to "never," and "use password on sleep mode", which itself is turned off, is also disabled.  Yet this persists, usually after 5/10/15 mins of inactivity.

How can I disable this unwanted behavior?

Thank you.
M
0
Comment
Question by:michaelheffernan
  • 7
  • 4
11 Comments
 
LVL 13

Expert Comment

by:Rizzle
ID: 40606473
Hi M,

Could you post a screenshot for further investigation please?
0
 

Author Comment

by:michaelheffernan
ID: 40606526
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40606552
Hi Michael,

That screenshot looks normal to me. Is the other user logged in via RDP I'm assuming?

Our servers display that security message aswell.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:michaelheffernan
ID: 40606566
There is no one logged in remotely.  

We use VNC internally, not RDP, since screens cannot be viewed by more then one person (with RDP).  Please notice that nothing is mentioned about anyone being logged in *remotely*, just that the administrator (who is normally logged in there for certain apps to function) is "logged in."

M
0
 

Author Comment

by:michaelheffernan
ID: 40606624
Here's another server; never, ever done this before...
securescreen.jpg
0
 

Author Comment

by:michaelheffernan
ID: 40606630
CAD gets this:  notice the word "locked"  This moronic behavior started with the latest MS updates this past week.
scrn.jpg
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 500 total points
ID: 40606660
Mike,

In all scenarios it looks like someone is logged into the clients/servers.

Try this as a test, someone login as the admin account and then log out and then see if someone can login ok,

Here's a GPO to change the timeout behaviour:

https://technet.microsoft.com/en-us/library/jj966265%28v=ws.10%29.aspx
0
 

Author Comment

by:michaelheffernan
ID: 40606682
Your suggestion is not clear to me.  Log into a server console as admin, then log out.  then log in again?   At the console or remotely or where?

I have already jiggled the local GPO according to suggestions I found online; they haven't been effective.  We don't apply domain GPO to the servers; too unreliable and disruptive.  I will look at your link, tho.

M
0
 
LVL 13

Accepted Solution

by:
Rizzle earned 500 total points
ID: 40606721
Login to the server via rdp or vnc using the administrator account. Once that's done log out and then let me know if that is ok.

I believe the only way to control this would be via a gpo but hopefully my link can help out with the interactive login side of things.

In our environment the screen you're getting would be seen when we open up our vsphere console to have a look at a server state.
0
 

Author Comment

by:michaelheffernan
ID: 40606760
Thank you for the assistance.  

My experience using RDP has always resulted in a console lock out screen that identified whoever was logged in remotely.  This is not that.  In addition, going in with VNC is transparent to Windows.  That always works, except CAD doesn't always function.

I have found yet another reference to this issue, altho naturally MS changed how this feature works between 2008 and '12, and applied it to the 2008 machine (registry change/a CP option magically appearing).  It seems to work with 2008.

Your link is applicable to 2012 (and Win8) only, so I will weigh that, but w/out applying domain GPO to the servers.  That would have the potential of making life really miserable.

M
0
 

Author Comment

by:michaelheffernan
ID: 40606868
Postscript: I believe I finally located the setting in WIn8/Win2012 server.  Under "Change what the power button does" for God knows whatever reason.  There are yet more boxes and radio dials that need unticking.  So far, that has been successful.
I'll wait til tomorrow. if this is the case, I will close this thread and split the points.
thanks again for the assistance.

Mike
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Samba is the de-facto standard program (or, more correctly: suite of programs) that UNIX and Linux systems use to share files with Microsoft Windows (and more recently, Mac OS-X) systems. Currently, there are 2 common versions of Samba available,…
Hello, As I have seen there a lot of requests regarding monitoring and reporting for exchange 2007 / 2010 / 2013 I have decided to post some thoughts together and link to articles that have helped me. Of course a lot of information you can get…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question