IIS and session timeouts?

[Russ Leathe]

we are using basic and NT authentication for our intranet
sites. Users authenticate to our intranet site via W2K
Active Directory.

Problem is, folks leave public computers while still
logged on. You know, they authenticate, browse around and
then they don't close the browser window. Anyone walking
by can pick up where they left off.

Question(s)

1.) is there a way in AD to automatically log someone off
if they authenticate via the browser (in this case IE 5.5
and better). Some sort of inactivity timer that I can
apply to group policy's specifically for IE? BTW, our web
server farm are W2k's with IIS 5.0.

2.) along the same lines...we maintain 3 public labs with
XP PC's. Folks authenticate using their AD assigned
username and passwords. Problem is, they don't log off.
Is there an AD group policy that forces a logoff after x
amount of minutes of inactivity?


much thanks

russ
2.)

 

[krish shenoy[MS]]

I could not find a group policy setting for Win2k that logs a user off but
you can create a logon script that sets the following registry key to lock
the workstation
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop\
ScreenSaverIsSecure REG_SZ 1 (lock workstation)
ScreenSaveTimeOut REG_SZ 900 (screen saver timeout in seconds)

 

[Steven L Umbach]

Using group policy, the only thing I know that will be close is set
the screensaver to lock to computer. It would be REALLY nice if Microsoft
would include the logoff option for a built in screen saver that could be
configured via AD. -- Steve