Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Screen Saver Seetings
From: Jeff Holden <JHolden () MTSAC EDU>
Date: Wed, 26 Sep 2007 09:53:44 -0700

You could create a new group and add all the users you want to have a
shorter timeout to the group.  Then create a new GPO that is more
restrictive in the existing OU.  Then in the group policy management
window under security filtering remove the Authenticated Users group and
add the group that you created.  This way the GPO only gets applied to the
group that should have the shorter timeout.  This should have the effect
of all the existing GPO rules are applied and the more restrictive timeout
policy.


Thanks,
Jeff Holden, CISSP, RHCE
Manager, Network & Data Security
Mt. San Antonio College




"Gibson, Nathan J. (HSC)" <Nathan-Gibson () OUHSC EDU>
09/26/2007 08:10 AM
Please respond to
The EDUCAUSE Security Constituent Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU>


To
SECURITY () LISTSERV EDUCAUSE EDU
cc

Subject
[SECURITY] Screen Saver Seetings






Needing some help!

We currently have a screensaver policy on our campus that is enforced at
the domain level via GPO. Some of our users are wanting the capability to
be more restrictive on their screensaver lockout (e.g. ours is set at 10
minutes and they want a 5 minute timeout)

Is there any way to accommodate this without having to set up a new OU and
a new GPO for that OU.

Basically is there a setting to allow users to set their screensaver
timeout to less than 10 minutes and while simultaneously restricting them
from going greater than 10 minutes?

V/R,
Gibby
Nathan J. Gibson, CISSP-CCNA
Information Security Analyst
The University of Oklahoma HSC
http://it.ouhsc.edu/services/infosecurity

"Lack of will power has caused more failure than lack of intelligence or
ability."
-- Flower A. Newhouse --

Confidentiality Notice
This e-mail, including any attachments, contains information from the
University of Oklahoma Health Sciences Center, which may be confidential
or privileged. The information is intended to be for the use of the
individual or entity named above. If you are not the intended recipient,
be aware that any disclosure, copying, distribution or use of the contents
of this information is prohibited.

If you have received this e-mail in error, please notify the sender
immediately by a "reply to sender only" message and destroy all electronic
and hard copies of the communication, including attachments.





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]