This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 65%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZS%3C/text%3E%3C/svg%3E)
Greetings Windows experts, Im trying to untangle effect of multiple GPO settings setting roughly similar behaviour. Our environment: Windows Serer 2019 DCs Windows 10 1909 Enterprise clients The settings that puzzle me are:
Power Plan
Turn off display after 30 minutes
Screen saver
Screensaver timeout: 3600 seconds
Password protect screensaver: Disabled
Enable Screensaver: True
Local policies/security options
Interactive logon: Machine inactivity limit: 7200 seconds
... to me, it looks like that all three groups (marked as bold) take care of the same settings, however, with different values. What takes precedence, what will be the result of all these 3 group policy settings?
Thank you in advance for the feedback, take care. SZ
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
The three policies are not for the same setting. But they do have a close connection.
Turn off display: You can specify how long your PC is inactive before all your connected displays turn off. When your display turns off, you would just need to move the mouse, touch the touchpad or touchscreen, click a mouse or touchpad button, or press a key for the display to turn back on. Password not needed .
Screen savertimeout : A screen saver is a moving picture or pattern that displays on the screen(s) of your PC after you have not been active on the PC for specified period of time to wait. It was used to force the computer screen to lock itself after the inactivity time you set . To login ,it requires password or not depends on the Password protect screensaver is Disabled or enabled.
Interactive logon: Machine inactivity limit.(close to screen saver timeout setting)If the amount of inactive time exceeds the inactivity limit set by this policy, then the user’s session locks by invoking the screen saver (screen saver should be active on the destination machine).
For your questions: what will be the result of all these 3 group policy settings
The device locks not only when inactive time exceeds the inactivity limit, but also when the screensaver activates or when the display turns off because of power settings.
The password is needed for both the 3 situations mentioned above.
Best Regards,
Hello,
thank you for thorough explanation. The topic is much more clear to me now. However, from what you've written, another question arose. You wrote:
Turn off display:
... password not needed.
For your question:
... The password is needed for both the 3 situations mentioned above.
I understand that in the first part of your post, you've described how the settings behave when configured alone, hence "password not needed" when it comes to "turn off display".
My (hopefully last) question will be: what is the game changer here? What says "hey, we ordinarily don't require password when the displays turn off due to power plan, but we will from now on". What decides about the bold part in the previous sentence?
Thank you for your effort and willingness to help, take care.
SZCZ
Hi,
It was decided by the policy :Interactive logon :Interactive logon: Machine inactivity limit
Once this policy was defined ,all the following situations ( Machine inactivity limit, screensaver activates or when the display turns off because of power settings) would require a password to back on.
Hello, all clear now, moreover, I am trying various combinations of the settings in a lab and I am starting to understand. Thank you for pointing me in the right direction, kind sir / kind lady. Have a great day.