Hi,
starting with Windows 10 (1607 I think) screen saver GPOs are completely skipped in Windows PRO domain joined. I think it happens due to screen control panel is switched off in newer builds. At least this is was information i have received when trying to test screen saver in my 1803 build:
Screen saver control panel was disabled by administrator
To workaround this issue and enable automatic locking of the workstation in Windows 10 Pro you need to configure Group Policy Object for Computer, set the following option to enabled and provide time-out for workstation lock:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
Interactive logon: Machine inactivity limit
Check the check box to enable and provide time-out. Microsoft states that restart is required, but in my Opinion if the scope is not restricted to a group that computer was added after rebooting, simple
gpupdate /force
should do. It did in my case. Now my domain joined computers lock themselves again
Full description of the setting:
Hi Miłosz,
This policy is used to lock machine not enable or set screensaver. This has been used for many years to lock the machine after set seconds.
I actually want to prevent users from setting up screen saver. I was nice guy and didn’t stop them from day one but now I need to remove screensaver they set up and then block access to setting.
yes it was changed in Windows 10 and now, you either set specific saver with time or set windows hello for business or intune to set the lockout policy.