My Domain Controller is a Windows Server 2012 Standard.
My Clients are mixed workstations of Win 7 Pro and Win 10 Pro since we are currently upgrading all clients to Win 10 Pro.
The upgraded Win 10 users were complaining that the computer will auto-lock in short period of time (about 20 minutes).
From the other side the existing Win 7 clients are not affected from the auto-lock issue.
If you leave the Win 7 client unlocked it will remain unlocked.
Same applies to Windows Server 2012 Domain Controller.
In addition please be advised that nothing was initially
changed from Domain's Group Policy.
Once the Win 10 Client joined the Domain it would automatically receive this 20 minutes auto-lock.
I searched the internet to locate the correct group policy in order to increase the auto-lock from 20minutes to 60minutes.
I found an article indicating the setting "Interactive logon: Machine Inactivity Limit".
In order to test the setting, I entered 30seconds and I confirmed that the Windows 10 would now lock from 20minutes to about 40seconds.
Following I changed again the setting from 30seconds to 3600seconds (1hour) but unfortunately the auto-lock remains at 40seconds.
I have tried with no luck to:
- gpupdate /force domain controller
- reboot domain controller
- disable "Interactive logon: Machine Inactivity Limit" setting
- reboot Win 10 client
Under Group Policy Objects of the Domain Controller I have two options 1) Default Domain Controllers Policy and 2) Default Domain Policy, which was the one that I changed the "Interactive logon: Machine Inactivity Limit" value.
Should I change it under "Default Domain Controllers Policy" or both?
Are the above the correct settings/steps for globally increasing the auto-lock feature?
What should I do next?