Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Is there a policy to automatically log user out?

Status
Not open for further replies.
ljCharlie

ljCharlie

IS-IT--Management
Apr 21, 2003
397
US
I want to know if there is a group policy that I can inforce from the domain controller to automatically log out any user of their computer at certain time of the night.

Any help is appreciated.

ljCharlie
 
Sort by date Sort by votes
you can enforce logon hours restrictions on a user by user basis on their AD account...

i dont think there is anything in GPO to do this for a whole group though

Aftertaf

"Solutions are not the answer." - Richard Nixon
 
Upvote 0 Downvote
yeah it must be applied to the default domain policy its under
computer configuration/windows settings/security options/network security: Force Logoff when Logon Hours Expire
 
Upvote 0 Downvote
Thanks for the help. One question. So another word, it can't be applied to individual OU, correct?

ljCharlie
 
Upvote 0 Downvote
Well, I couldn't find the settings you're reffering to in Windows 2003 Server domain controller. I did not find the "Security Options" under Windows Settings.

ljCharlie
 
Upvote 0 Downvote
It's in a different place but I found it. Here are the places I set to enable.

Default Domain Controller Security Settings
Default Domain Security Settings
Group Policy Management/Default Domain Policy

I'm not sure which one it is reffering to by "Default Domain Policy" because we always have the option "Force Logoff when Logon Hours Expire" enable in the Group Policy Management/Default Domain Policy but it never works. Even if it is after the logon hour expired, the user is still logged in execpt that he can't do anything because of the access denied. What I want is to force the account to logout after the logon hour has expired. I want to do this so I can fully do the backup.

ljCharlie
 
Upvote 0 Downvote
i think you`lll need to set this for the local client and on the domain controller


as for OU
look at the GPO help for "enforcing GPO links
 
Upvote 0 Downvote
It's not working. I ran the Resultant Set of Policy MMC on the client computer. Under the Computer Configuration/Windows Settings/Local Policies/Security Options, the policy "Network security: Force logoff when logon hours expire" is set to "Computer Setting: Enabled" and "Source GPO: Default Domain Policy". But it is not working. I still have user logged in after the hour has been expired. What other options do I have?

ljCharlie
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
779
DrB0b
DrB0b
mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
1K
gbaughma
gbaughma
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
585
DTGMI
DTGMI
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
680
microsGuy16
microsGuy16
maybeimaleo
  • Locked
  • Question
Is There a Best Windows OS to Upgrade a CA Server to?
Replies
5
Views
409
maybeimaleo
maybeimaleo

Part and Inventory Search

Sponsor

Back
Top