Re: IIS and session timeouts?

From: Russ Leathe (russ_at_gordon.edu)
Date: 07/15/03 

Date: Tue, 15 Jul 2003 06:12:02 -0700

thanks Steve,

The winexit.scr works great in our computer labs. I'm
more concerned about public Kiosks both on-site and off-
site. Most people are in the habit of closing the browser
after they use the computer...however, there are a few out
there that just walk away.

If a user authenticated to AD via the browser, can I
automatically log the user off after, let's say, 3 minutes
of inactivity? Is there something in GP that I can set?

  
>-----Original Message-----
> Hi Russ. There are a couple of possibilities that I
know of. You can
>use group policy to configure a screen saver password
lockout, however that
>is not really a log off. The Resource Kit contains the
winexit.scr screen
>scaver that can actually log off a user at a certain time
or after a period
>on inactivity. You can also log off somone at a
particular time or after a
>period of inactivity using Scheduled Tasks with the
logoff.exe utility. The
>log off security option in Local/Domain Security Policy
does not log a user
>off the local computer - just the network. --- Steve
>
>http://www.jsiinc.com/SUBJ/tip4800/rh4866.htm
>
>"Russ Leathe" <russ@gordon.edu> wrote in message
>news:017401c34a32$cec086d0$a401280a@phx.gbl...
>> we are using basic and NT authentication for our
intranet
>> sites. Users authenticate to our intranet site via W2K
>> Active Directory.
>>
>> Problem is, folks leave public computers while still
>> logged on. You know, they authenticate, browse around
and
>> then they don't close the browser window. Anyone walking
>> by can pick up where they left off.
>>
>> Question(s)
>>
>> 1.) is there a way in AD to automatically log someone
off
>> if they authenticate via the browser (in this case IE
5.5
>> and better). Some sort of inactivity timer that I can
>> apply to group policy's specifically for IE? BTW, our
web
>> server farm are W2k's with IIS 5.0.
>>
>> 2.) along the same lines...we maintain 3 public labs
with
>> XP PC's. Folks authenticate using their AD assigned
>> username and passwords. Problem is, they don't log off.
>> Is there an AD group policy that forces a logoff after x
>> amount of minutes of inactivity?
>>
>>
>> much thanks
>>
>> russ
>> 2.)
>
>
>.
>

Relevant Pages

  • Re: Forms Authentication non-persistent cookie not expiring after closing the browser
    ... If you authenticate against the Active Directory, why not host your solution under intergrated security? ... I use non-persistent cookie so ... that the user is NOT remembered across browser sessions. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: XP and IIS newbie question
    ... Only a browser can cache your credentials. ... Alternatively, if you do think that ths may be related to IIS, then can you ... authenticate using my domain username and password (let's call it ... The application thinks I am mycorp/adminJM even when I ...
    (microsoft.public.inetserver.iis)
  • Re: FAQ Topic - How do I prompt a "Save As" dialog for an accepted mime type?
    ... Opera on the bare minimum existence level in the after Browser Wars ... " I ") personal opinion but using an old and rather known slogan ... Why MS decided to make the Windows Updates IE specific is anybody's guess - short of a declaration from MS - but an educated guess would be simple. ... The Update verifies that you are running an authenticate version of Windows and not a pirated version. ...
    (comp.lang.javascript)
  • Re: help with .NET cliet to consume java webservice
    ... or passing neccesary credentials to authenticate ... be doing authentication passthrough - so turn this off in your browser and ... java webservice on a mainframe. ... when try to download the page by creating a simple http-get client, ...
    (microsoft.public.dotnet.general)