I am looking for a solution for logging that have open RDP sessions. My user account is constantly getting locked out and I think it is because I may have an open RDP session somewhere. Does anyone know a way I can force a logout of my account if it is open somewhere? I have tried the steps below but it that does not seem to be working. I have also tried the RDP Session group policy settings
"Computer Configuration > Policies > Admin Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Session Timeout" but those dont seem to work either. Am I missing something or is there another way to get this accomplished?
Set Log-On Hours Restrictions for Users
i. Open AD Users & Computers
ii. Select the user account(s)
iii. Go to the account's property -> logon hours -> set the desired denial period
(This needs to be completed on a individual user basis)
Enforce User Log-On Restrictions GPO
i. Open the Group Policy Management Console
ii. Edit an existing policy or create a new one
iii. Ensure the following policy is enabled: Computer / Policies / Windows Settings / Security Settings / Account Policies/ Kerberos Policies/ Enforce user logon restriction
Enforce User Log OFF GPO
i. Remain in the policy
ii. Enable the following policy: Computer / Policies / Windows Settings / Security Settings / Local Policies/ Security Options/ Network security: Force logoff when logon hours expire
Chad Guiney