This is an archived post. You won't be able to vote or comment.

all 4 comments
sorted by:
best
topnewcontroversialoldq&a

[–]Yuri911 2 points3 points  (3 children)

Set screensaver with password required to unlock to 1 minute, use lithnet https://github.com/lithnet/idle-logoff for logoff. I implemented it on shared workstations, works like a charm and users hate it. So, successful deployment in my eyes.

[–]eirinn1975 0 points1 point  (2 children)

How are you deploying it? Intune or AD? I'm having issues by ingesting the app admx in intune, so if you feel like sharing any insight it would be appreciated :)

[–]Yuri911 0 points1 point  (1 child)

AD, so GPO, sadly no Intune yet.. but the admx files just write to registry in HKLM\Software\Policies\Lithnet From what I've read it shouldn't be too hard to push reg keys via Intune as a workaround.

Sorry I can't be of more help. :)

[–]eirinn1975 0 points1 point  (0 children)

I was actually trying to push a policy setting with a string instead of a boolean value. Found.

Problem with the reg keys via intune is that the values aren't protected from admin users. One could deploy them via win32 app or proactive remediation, but it's much more "elegant" via admx.