Re: Screen Saver Policy

From: Gertjan (gertjan@kloek.org)
Date: 08/03/02

• Previous message: Muhammad Faisal Rauf Danka: "RE: Encryption Tool Wanted"
• In reply to: dnsadmin@cboss.com: "Screen Saver Policy"
• Next in thread: Remington Winters: "Re: Screen Saver Policy"
• Next in thread: dnsadmin@cboss.com: "RE: Screen Saver Policy"
• Reply: Remington Winters: "Re: Screen Saver Policy"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Gertjan" <gertjan@kloek.org>
To: <dnsadmin@cboss.com>, <SECURITY-BASICS@securityfocus.com>
Date: Sat, 3 Aug 2002 16:23:49 +0200

Hi Robin,

We already implented a policy like that.
All workstations use the default logon NT screensaver with a 15 min timeout.
All admin workstations have a 3 min timeout.
We have set the screensaver settings with the domain loginscript which also
sets the policy that the user can't change the screensaver.

Make sure that the CIO/management agrees with this policy in writing!

If you want i could sent you a copy of the login script.

Brgds,
Gertjan

----- Original Message -----
From: <dnsadmin@cboss.com>
To: <SECURITY-BASICS@securityfocus.com>
Sent: Friday, August 02, 2002 9:42 PM
Subject: Screen Saver Policy

> Can someone point me in the right direction for instituting a Password
> Protected screen saver policy.
>
> We're running a domain rather than active directory... and the PDC and BDC
> are still functioning under NTv4. Almost all workstations are W2K though.
> Is it possible to setup a script or enforce a policy to assure all users
> logging onto the domain - that there PC has the screensaver policy
enforced.
> It would set the screen saver, mark it password protected and the time til
> instituted would be the same for all, say 15 minutes -- users won't be
able
> to edit it.
>
> We want to make sure that if an employee leaves there desk - it's not left
> open. Well, at least for 15 minutes or whatever time frame we opt for. A
> user would have to login to regain access to the PC.
>
> Thanks for any input.
> -=Robin
>
>
>
>
>
>

---

• Previous message: Muhammad Faisal Rauf Danka: "RE: Encryption Tool Wanted"
• In reply to: dnsadmin@cboss.com: "Screen Saver Policy"
• Next in thread: Remington Winters: "Re: Screen Saver Policy"
• Next in thread: dnsadmin@cboss.com: "RE: Screen Saver Policy"
• Reply: Remington Winters: "Re: Screen Saver Policy"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: "computer locked" GPO ... there doesn't appear to be any policy set on the display or screen ... > If no policy in place, then go to Control Panel> Display> Screen Saver tab ... > * Password protect the screensaver ... (microsoft.public.windows.server.general) Re: Group Policy ... ScreenSavers (I created GPO) ... Default Domain Controllers Policy ... Ok and I created a global group in my domain and called it screensaver group ... GPO I gpedit and setup the screensaver settings and such and leave the ... (microsoft.public.windows.server.active_directory) Policy loopback causes domain-level policies to reapply ... servers and 2000/XP desktops. ... Domain container ... for a handful who are in the "Screensaver Disabled Users" OU. ... placed the deployment policy under the Desktops OU. ... (microsoft.public.win2000.group_policy) Re: Using GP to Log Off a User ... I tried doing that by setting the screensaver in Group ... Policy and then having the file sit on a central location ... >Enterprise Platforms Support ... >Directory Services Team ... (microsoft.public.windows.group_policy) Re: Logoff users after idle time? ... I had hoped to find a way to do this without using screensaver, ... > off their workstations after an idle time. ... > Domain Policy and choose Edit. ... Enable the "Screen Saver" policy so that users will have a screen ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)