How to enforce domain policy for local user?

  • Thread starter Thread starter moe_swe
  • Start date Start date
M

moe_swe

I have a domain group policy which works fine on a computer for screen
saver lockup time when I logon to the domain. However, when I logon to
the same machine locally (as an administrator or local user), the
screen saver policy is not working at all. Why?

If it is possible, how do I do to correct it?

Thank you.
 
Howdie!

I have a domain group policy which works fine on a computer for screen
saver lockup time when I logon to the domain. However, when I logon to
the same machine locally (as an administrator or local user), the
screen saver policy is not working at all. Why?
Click to expand...

You can't really enforce the domain policy for a local user.

There are 2 options now:

- Configure the settings you wish to have when using a local account (
with gpedit.msc). Like this, all users that do not log in with a domain
account will receive those settings (this could cause a massive
administrative overhead).
- Prevent users from logging on with a local user account. Let them run
with cached credentials (which can be pretty easy using Group Policy and
altering the "Log on locally" right. Remember testing before deploying
in the live environment!)

cheers,

Florian
 
Thanks for the response.

Please explain a little more detail for the first option so I can set
it up. The main purpose is to make the screen lock after certain time
of system idle. Mostly for the local administrator login.

Thanks again.
 
Howdie!

Please explain a little more detail for the first option so I can set
it up. The main purpose is to make the screen lock after certain time
of system idle. Mostly for the local administrator login.
Click to expand...

Log on as the administrator of the machine. Fire up "gpedit.msc" at the
Start->Run command box. In the opening "Group Policy Editor", navigate to
User Configuration\Administrative Templates\Control Panel\Display\ and
edit the policies "Screen saver timeout" and "Password protect the
screen saver"

The settings you make here will affect all user accounts on that machine.

cheers,

Florian
 
Back
Top