Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

multiple group policies on laptops

Status
Not open for further replies.
Lordmathos

Lordmathos

IS-IT--Management
Oct 21, 2005
243
GB
Hi.
I have implemented various security gpo's in AD for laptops.

The main one being that the screensaver kicks in after 10 minutes and needs a password to unlock.

Is there any way I can get the laptop to implement a different policy when its not on the network.

Ideally i need the laptop not to implement a screensaver when its not on the network
 
Sort by date Sort by votes
I would say you already have this configured ideally. If a user were to walk away from a laptop that is sitting in a shared environment, say at a customer location, then you would want to ensure the PC is locked down so noone can access it without authorization.

To accomplish your stated goal, you would need to have a log off script on the network that reverses the registry settings requiring the password. I would advise against doing this for the reasons listed above. Better to inconvenience a user to have to enter a password than deal with a data theft issue.

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
I know our setup is probably best practice for security but most of our laptop users use powerpoint for presentations and the screensaver keeps on kicking in during the presentation which is starting to really annoy our users
 
Upvote 0 Downvote
Mark - won't the cached credentials reinstate the screensaver rule when they log in off of the network?



Thanks,
Andrew
 
Upvote 0 Downvote
the users have been logging on and off for the last couple of months now and the screensaver properties are always the same as the gpo tells it even if their on the network or off of the network
 
Upvote 0 Downvote
If you were to reverse the setting of the GPO at logoff, I don't belive it will process again until they are connected to the network.

You could however just stop your policy from applying to them. Move the laptops to a seperate OU and block the policy.

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
Laptops will take GPO setting even off the network. I have tested it and works great.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
451
DrB0b
DrB0b
James281
  • Locked
  • Question
Enrolment agent (enrol on behalf of) stopped working
Replies
1
Views
358
mikehook
mikehook
lacked
  • Locked
  • Question
problem with windows update on windows server 2016
Replies
1
Views
309
maybeimaleo
maybeimaleo
edgar28
  • Locked
  • Question
Question on Network cards - Windows Server 2019
Replies
1
Views
293
DrB0b
DrB0b
Billz66
  • Locked
  • Question
unable to instal msmq on server 2019 get sxs assembly missing
Replies
0
Views
405
Billz66
Billz66

Part and Inventory Search

Sponsor

Back
Top