Hi,

starting with Windows 10 (1607 I think) screen saver GPOs are completely skipped in Windows PRO domain joined. I think it happens due to screen control panel is switched off in newer builds. At least this is was information i have received when trying to test screen saver in my 1803 build:

Screen saver control panel was disabled by administrator

To workaround this issue and enable automatic locking of the workstation in Windows 10 Pro you need to configure Group Policy Object for Computer, set the following option to enabled and provide time-out for workstation lock:

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

Interactive logon: Machine inactivity limit

Check the check box to enable and provide time-out. Microsoft states that restart is required, but in my Opinion if the scope is not restricted to a group that computer was added after rebooting, simple

gpupdate /force

should do. It did in my case. Now my domain joined computers lock themselves again

Full description of the setting:

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit

 

Loading