starting with Windows 10 (1607 I think) screen saver GPOs are completely skipped in Windows PRO domain joined. I think it happens due to screen control panel is switched off in newer builds. At least this is was information i have received when trying to test screen saver in my 1803 build:
Screen saver control panel was disabled by administrator
To workaround this issue and enable automatic locking of the workstation in Windows 10 Pro you need to configure Group Policy Object for Computer, set the following option to enabled and provide time-out for workstation lock:
Check the check box to enable and provide time-out. Microsoft states that restart is required, but in my Opinion if the scope is not restricted to a group that computer was added after rebooting, simple
should do. It did in my case. Now my domain joined computers lock themselves again
My name is Miłosz Engel. I am passionate about integrating and connecting stuff. I like facing new challenges, testing new environments and connecting different systems. Windows and Linux Debian boxes (both physical and virtual) are my favourites. I like solving problems related to Windows Server roles and services as well as Linux but some systems in particular. I’m not considering myself as Linux master but surely, I always do my best to fit the needs. On the other hand I consider myself a Windows Server Professional and in terms of Windows Server services and Windows Desktops I always follow best practices, good advices and opinions from other admins. I also like database stuff like performance, queries and procedures.
Currently, I’m focused on integrating stuff and more architectural roles and tasks. My background, going through many different jobs, projects and tasks related to different areas of IT – helps me to accurately estimate workload in order to fulfil requirements. I always try to foresee possible problems and technical issues related to systems and applications and their integration. My programming and database skills help me to track issues related to data and applications and provide good resolution to problems as well as performance issues.
This policy is used to lock machine not enable or set screensaver. This has been used for many years to lock the machine after set seconds.
I actually want to prevent users from setting up screen saver. I was nice guy and didn’t stop them from day one but now I need to remove screensaver they set up and then block access to setting.
yes it was changed in Windows 10 and now, you either set specific saver with time or set windows hello for business or intune to set the lockout policy.