Re: Screensaver Password Policy Doesn't Work
From: Cedric POMMIER (zepom@hotmail.com)
Date: 07/25/02
- Next message: bissek01: "Stopping the local group policy being applied to administrator"
- Previous message: Sherwin Flight: "Re: win login"
- In reply to: Al Blake: "Re: Screensaver Password Policy Doesn't Work"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Cedric POMMIER" <zepom@hotmail.com> Date: Thu, 25 Jul 2002 09:51:44 +0200
This is a known bug for Microsoft. In fact, the registry key modified by the
GPO is not effective with Windows XP ! This problem will be corrected with
SP1...
Microsoft sent me an updated system.adm to correct this problem, but the new
registry key modified by this template is permanent (if you remove or
disable the GPO, the parameter will still be set on client computers).
However, you can modify your system.adm manually by searching
ScreenSaverIsSecure, and replace the specified key with :
KEYNAME "Control Panel\Desktop"
instead of :
KEYNAME "Software\Policies\Microsoft\Windows\Control Panel\Desktop"
Once updated, you'll need to uncheck the 'Show policies Only' option in the
'View' menu when you are under 'Administrative Templates' with the Group
Policy MMC.
Cedric POMMIER, France
"Al Blake" <al@blakes.net> a écrit dans le message de news:
#hQjUgwMCHA.2096@tkmsftngp12...
> PLEASE can you post if you ever find a fix.
> We have exactly the same problem and it has been driving me mad for a
month
> now:
> Network - Win2k using AD in native mode
> Clients - Win2k and XP
> Group policy - screen saver enabled and password protected for all users
via
> Domain GPO
>
> Result: All users get screen saver but only some get passowrd protection.
> Others the screen saver just comes off when you move the mouse without
> prompting for a password. I can find no link between those users that the
> GPO works for and those that it doesnt.
>
> Screeensaver password protection is essential for our security situation.
>
> Al Blake, Australia
>
>
> "Mike Dwyer" <mike.dwyer@lakelandgov.net> wrote in message
> news:6086d63e.0207230424.78dd6d2e@posting.google.com...
> > ryan_provost@bat.com (Ryan Provost) wrote in message
> news:<700a0e64.0206250638.24f4e682@posting.google.com>...
> > > Okay, I'm a bit confused on this one. Let me explain the scenario. I
> > > have about 2000 Windows XP Pro workstations to roll-out in my company,
> > > using a Windows 2000 Active Directory domain in native mode. Corporate
> > > policy requires screensavers on each desktop, and these screensavers
> > > must be password protected. To accomplish this, I have configured the
> > > system policies to password protect the screen saver. It does not seem
> > > to be working. The screen saver, also configured by the policy, does
> > > indeed activate after the set timeout duration, but the console does
> > > NOT lock as it should. I have no idea why this is not working.
> > >
> > > After poking around on the internet for some answers, I stumbled
> > > across a few newsgroup posts by people experiencing much the same
> > > problem, yet no answer has been given ... at least that I could find.
> > > So I decided to post for myself in the hopes of stirring up an answer.
> > >
> > > I have updated the .ADM templates in Active Directory to the new
> > > Windows XP templates, and most of the XP-specific settings do in fact
> > > work. The policy template sets the following registry key for screen
> > > saver password:
> > >
> > > HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop
> > > Value: ScreenSaverIsSecure = 1
> > >
> > > When I dig into the Windows registry, and search for this same value I
> > > find another duplicate value in a different location.
> > >
> > > HKCU\Control Panel\Desktop
> > > Value: ScreenSaverIsSecure = 0
> > >
> > > Note that in this location the value is set to 0, or 'Off'. If I
> > > manually set the value to 1, or 'On', the console still does not lock
> > > itself. I cannot figure out what is going wrong here. Is the policy
> > > template setting the wrong value? Is there something else at fault
> > > that I have no considered? Any help that anyone could offer on this
> > > subject would be most appreciated. I am at wits end.
> > >
> > > TIA, Ryan Provost
> >
> > I am experiencing the same problem. I am using Domain Group Policy to
> > accomplish the same thing. It works on some machines, and not on
> > others. The screen saver comes on for all but does not lock for all.
> > I have tried everything I can think of to isolate the problem, but
> > have had no success.
> >
> > MD
>
>
- Next message: bissek01: "Stopping the local group policy being applied to administrator"
- Previous message: Sherwin Flight: "Re: win login"
- In reply to: Al Blake: "Re: Screensaver Password Policy Doesn't Work"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
