Hey, as the title says, I'm looking to make an agent procedure to implement as a policy that will lock any Windows server after 15 mins of the user being idle or upon the remote connection being disconnected. Because we manage many clients and are growing, GPO doesn't seem like the best option for us if we want this done in a hands-free way for every server we manage across every client.
I'm thinking the answer is in the registry, but for the life of me I can't find any universal registry key that does this. I found one that exists on terminal servers (MaxDisconnectionTime), and one that exists on network servers (AutoDisconnect). Maybe I missed something obvious, though, or maybe GPO really is the only good way to go about doing this.
If you have anything similar to what I'm attempting implemented for your organizations, I'd be thrilled to hear your solutions.
It would be good if machines could automatically be locked after an RC/KRC session is ended as well
While it doesn't solve your request for an AP method, our organization manages several clients but does this through a GPO policy (you had asked what everyone else is doing).
User Configuration -> Policies -> Administrative Templates: Policy -> Control Panel -> Personalization
Enable screen saver
Screen saver timeout
Force specific screen saver
Password protect the screen saver