GPO screen lock out policy

Similar Messages

• HT4865 if I forgot my screen lock out password how can I get into my ipod

  I forgot my screen lock out pass code on my ipod can i get into it??

  Back it up and restore it using iTunes on the last computer it was synced with.  At the end of the restore process, when the iPod restarts and reappears in iTunes you will be given the option to restore to the backup you made at the beginning.  When it finishes, the passcode will be removed.
  This will only work if you have previously synced with iTunes after setting the passcode on your device.

• Ipod Touch - White Screen Lock Out - Apple response poor/process inflexible

  Hi
  I have 2 Touchs and one has the random white screen issue. Screens goes grey`white and there's nothing you can do, till what seems like it needs to be recharged. i haven't had this happen when at home and near the 'master dock' .
  I see thats its a prob that is more and more common, and have also seen on other forums that Apple are acknowledging it and in some cases have been providing freebies as sweeteners as well (allegedly).
  So first - does anyone have any 'fixes' - other than what I have seen which is a replacement?
  And secondly this is my 'Apple Service experience so far'
  I called Apple UK support on Thursday morning, and pressed the options for Ipod and then Touch.
  A woman answered and as soon as I told her my issue she advised she was IPHONE SUPPORT ONLY as that was section I had come through to and could not help me. I asked to be put through to relevant help section.
  On hold for a few mins then line went dead.
  Called back - making sure i pressed Ipod Touch options - in case it was user error first time - (it wasn't BTW) anyway got put through to IPHONE support again. This time the woman agreed to help, although i shall temper that by saying that my perception was that she started that day and had a script of 'if x do y' questions.
  I explained the issue and that I had carried out web research. She was very polite but asked me questions I had already answered in my pre amble - i.e. screen is locked out, no response from buttons etc - but I was still asked what happens when you press the power button. Anyway I stuck with it - she then asked what firmware I had, and i advised I just upgraded to 1.2.
  Ah thats the problem - you need to upgrade to LEOPARD (I have Tiger). That annoyed me as clearly thats rubbish and was really her ' ad libbing' I explained I had 2 touchs and other was fine.
  She consulted a colleague and suggested I either send it in or make an appt at my local Apple store. Thats when it really went down hill...
  More disappointed at the process, I called my local store (Regent Street - London) and was advised that the Touch would be replaced under warranty - but that I needed to make an appt to have that done, and no they couldn't make an appt on line (you are warned that up front in the recorded message before you get to speak to anyone). This I find odd - two people from Apple advise I can get a replacement under warranty, yet I have to make an appt - thats not good service.
  As i am nearby, I decide to go to the Apple store anyway. I get same story and ask to speak to the manager. He is very well trained. He says all the diplomatic things, he agrees unit will be replaced under warranty, but says I have to see a technician - but I cant until tomorrow at earliest.
  What then follows is a discussion about the process - his argument is that it allows the customer to attend at a time that suits them (but it suited me NOW - I was nearby). In reality the converse is true you can only chose a slot that suits apple.
  The manager, stated that there are two diff stocks of goods. Items for sales and items for replacement. I suggested that he went to the replacement pile and provided one from that. NBo go - the technical dept could only do that.
  I agree that booking for TECH SUPPORT is a great idea, but for a product replacement under warranty - especially when 3 people (and user forums) had advised this would be the case - this is not good service at all. The manager looked at me and uttered platitudes along the lines of ' thats your opinion', ' you are entitled to think that' - all of them verging on patronising. he even went as far to say that customers like being able to book a slot - erm - they have no choice!
  He advised he 'would take my views on board' and would 'pass them on to the manager' - he was in fact the deputy manager. I left my details and explicitly asked for her comments - needless to say I am still waiting.
  So i feel like I have fallen out with a close friend. I have been an Apple convert for 2 years now and this is our first major falling out. I am annoyed, as a customer, at being treated like this and forced into such a rigid system, and bitterly disappointed that a company that has such a a wonderful end user experience in terms of the products themselves and the sales side should treat loyal customers (in fact any customers) this way when trying to dal with faulty goods!
  So, anyone have any thoughts - agree/disagree - who can I voice this to in Apple - the store doesn't seem to care past lip service!
  I will also try to repost this on the general area if there is one
  Rgds
  Michael

  Hi,
  I used to work at an Apple Store so I have 2 summers of customer service experience under my belt. Let me just say that, yes, I empathize. Some of the store policies are ridiculous, which is partly why I left the company. Well, ok no, I just like to say that that's why I left. I'm actually a student.
  Anyways, whoever told you that you can't make an appointment at the Genius Bar was WRONG. Shame on them. Go to this website (it's just apple.com/uk/retail (and Regent Street's site specifically) and on the right hand side there's a column for you to click Genius Bar Reserve.
  http://www.apple.com/uk/retail/regentstreet/week/20071118.html
  Here's the entire gist of the store policy. The store is obligated to give you a new iPod Touch if there's a manufacturer defect within 2 weeks of your original purchase. You'll still need a Genius Bar appointment, but all they do is take a look at it, confirm that it's a defect, and they'll return it for you (& they'll label it as DOA - Dead on arrival), and give you a new one. Easy.
  I'm guessing you are outside of the 14 day period which is causing you all the trouble. So now we're talking about the year warranty. So you got your replacement iPod touch. Should there still be a defect in your replacement, you still have 14 days from the day you received THAT iPod touch to get a new one. There's a chance that if you talk to the manager (a different one and there are several), he'll hook you up with a brand new iPod touch, without having to go through replacement protocol.
  The manager you talked with sounds like a jerk to me, and believe me, I hate it when Apple employees try to think theyre "all that." We student employees used to laugh at how seriously some employees took it. But really, those guys are there to help you and give you solutions, at least that's the company line. With that in mind, demand them to do what's right. I wish I could actually help you. I used to take care of people in situations like these all the time.
  Good luck.

• IPod Screen Locked Out

  I was right in the middle of playing one of my games when I accidentally clicked on the Lock button and the screen blacked out. When this happened I clicked on the lock button to unlock it but nothing happened (the screen remains blank).  I plugged it into my computer and it is still functioning, but my Touch is still not showing the screen when I click on the Lock button.

  - Try resetting theiPOd:
  Reset iPod touch:  Press and hold the On/Off Sleep/Wake button and the Home
  button at the same time for at least ten seconds, until the Apple logo appears.
  - Next try restoring the iPod from backup va iTunes

• Sleeping screen locks out Mac

  Hi
  Have Mac pro, cinema screen sleeps on schedule, then won't wake up and locks me out of machine, have to hold power button till machine shuts down, then restart machine then ok, till the next time, has happened twice in last week, but never before,
  have all updates.
  Anybody help
  Thanks
  Tone39

  Two random thoughts: in your sleep preferences: do you have checked the box to put the hard drive to sleep whenever possible? If so, see if it doesn't do it when you uncheck the box. It shouldn't make a difference, but...
  Or: what are you doing to wake the computer up? Mouse or keyboard? Have you tried both?

• ITunes 90 day lock out on iMac - only one AppleID can use a Mac at any one time?

  Just found out, the hard way, about Apple's patently ridiculous "90 Day Lockout" policy on iTunes (Match, Purchases download and pretty much ALL the useful features).
  Apparently, at least according to Support - who feigned surprise that this was an issue - if you blow £1,200 on an iMac to be used by two people in your home and have paid Apple an extra £25 a head for iTunes Match, you're terribly gullible. And stupid. And a potential music thief.
  The real problem is that Apple, probably in a bid to secure record label agreement to iTunes Match and in a vain attempt to curb unlawful music sharing, has decided that NO MORE THAN ONE APPLE ID can be associated with a machine ID at any one time, for iTunes purposes.
  This is fine on iPhone, iPod Touch and even iPad. Those are hardware that only one person can use at a time - there is no "multi-user" capability.
  Macs, though, are a different matter.  In Apple World we're all filthy rich and each member of a household is expected to own a separate Mac machine (iMac, MacBook Pro or Air) to be able to use the functionality and music they've paid for in iTunes and via Match.
  If you're stupid or poor or just think a Mac per person in a household is consumerism gone mad, you are stuffed.
  In our case we bought an iMac. Set up two separate and distinct User IDs and one of us set up iTunes and activated iTunes Match.
  Next day the other went into their User account, set up iTunes and then activated iTunes Match. A very very vague message popped up alluding to "transferring an Apple ID to this machine" and referencing inability to use this AppleID on another machine for 90 days. That seemed OK. The AppleID had been associated on an old Compaq netbook for iTunes, so the assumption was that it was that association that was being transferred to the iMac.
  WRONG!
  What had happened was that the second person to sign in to the iMac and set up their TOTALLY SEPERATE AppleID on a TOTALLY SEPERATE iTunes Match library and account had effectively locked out the first user from their iTunes account.
  So, if you're a family with individual iTunes accounts and iTunes Match don't bother with Apple Mac products. For the cash you spend on one mac product that only one of you will be able to use iTunes on EVERY 90 DAYS, you'd be better off buying separate, higher spec Windo$e laptops to sync with.
  Apple has really really fouled up on this.
  Support initially justified this lock out policy as being to prevent Johnny Fileshare from zipping round to his mate's house, logging into iTunes with his AppleID on his mates PC or Mac and downloading his paid for iTunes library onto his mates Mac as a gift.
  Just how likely such a random outburst of philanthropy at the expense of record labels would be is beyond me.
  During a near two hour call with support (use the Call Me function - at least the call is free) eventually, after an escalation, the tech agreed that the 90 days AppleID  lock was pointless as Apple themselves publish details in their knowledge base on how to circumvent music sharing restrictions and combine iTunes libraries - even helpfully including details of how to put said combined iTunes library on a memory stick. Johnny Fileshare can then nip round his mates house and share his iTunes content with his mate until the cows come home.
  Even worse, Apple even allow you to burn to CD a combined iTunes library up to FIVE TIMES!
  But, when it comes to logging into your own iTunes account on a shared Mac? Forget it matey. You'll steal music and can't be trusted.
  Well FU too, Apple.
  But wait! You may think you're OK because you weren't foolish enough to hand over £25 for iTunes Match...
  BEWARE: THE 90 DAY LOCKOUT IS ACTIVATED THE SECOND A USER ON A MAC ACTIVATES EITHER:
  1. Automatic downloads, or
  2 iTunes Match
  OR IF THEY HAVE THE TEMERITY TO:
  1. Check previous purchases
  THIS RENDERS ITUNES AS A PRODUCT/SERVICE WORSE THAN USELESS ON SHARED MACS.
  We have 82 days to wait for one of us to regain access to the library that cost us a fortune to build in iTunes.
  1 Week old iMac is being boxed up & returned to Apple Store.
  Two high spec non Apple  laptops being bought as a replacement. The change to be spent on petrol or pasties - which ever the UK  is running out of most...

  Yes, I am having this problem because I have 2 Apple IDs/iTunes accounts.  Mind you, I don't want 2 accounts but Apple forced me to make a new apple ID when they started requiring email addresses as user ID.  This was the first big mistake that Apple made.  Their second mistake was not allowing people to simply merge these accounts.  Had they not made these mistakes initially, many people would still only have one Apple account/ID. Some bloke ought to lose his job over that. 
  However, I understand this isn't the same problem as having multiple household members using the same computer.  It seems that Apple could figure this all out by either authorizing multiple users at the time of purchase, or allowing a handful of users to download to one computer. After all, if I bought a hard copy of a music CD, I could certainly allow my son or daughter to listen to it or download it to their computer.  Next thing you know, I'll have to sign a release saying that I am the only person that uses my iPod.
  I am also returning not just one but 2 brand new Mac computers ($4500 coming back from Apple to my wallet) because I am so fed up with the poor customer service response that Apple has given this problem.  Not only did they take a ton of my money for iTUnes songs, but then they restricted my access to those songs. I think it's criminal and I wouldn't be surprised if this issue ended up as a class action wrongdoing suit.  I have to admit I've considered talking to a lawyer about it myself.  I am so sick of large monopolizing companies thinking that they can treat their customers poorly and expect us to sit back and take it. The good news is that this is a free country and I can choose to throw my money at any old company I choose..........Toshiba here I come.

• How an Admin user log into a lock out standard user account?

  I remember that I was able to override the access to the standard account user when the standard user has the screen lock out. This appear to be missing in Lion. Has anyone knows how to do this in Lion? Thanks.

  From my personal experience I can say that at times, four folders (i guess Assets is one of them) somehow get left in C:\Program Files (x86)\Adobe\Elements 11 Organizer folder.
  I delete them and restart my system.. and reinstallation works fine. If that's the case with you, you can try it.
  CS Cleaner tool might also help.
  Thanks
  Andaleeb

• Windows 2008 R2 Screen Lock Issue (GPO)

  Scenario: We will be deploying POS machines at our stores that will have Windows 2008 R2 as the preferred OS. The function of this POS machine is for POS administration and not for ringing up sales. The machines have been configured to autologin a specific
  user via GPO for POS functions. Also, a specific POS desktop environment shell has been configured to launch instead of Explorer (explorer.exe) shell environment at autologon.
  Everything seems to be working as expected except for the session of the user locking. Since the POS environment needs to be up at all times with the specific user profile, we do not want the OS to lock the user session. I've timed it and it seems to lock
  the screen (not log off) at approximately 15 minutes of inactivity, we do not want this.
  So far, these are the GPOs I have configured that have not fixed the issue:
  Computer Configuration>Policies>Windows Settings>Security Settings>Local Policies>Security Options>Microsoft Network Server: Amount of idle time required before suspending session = 99999 minutes
  Computer Configuration>Policies>Administrative Templates>System>Power Management>Sleep Settings>Allow applications to prevent automatic sleep (plugged in) = Enabled
  Computer Configuration>Policies>Administrative Templates>System>Power Management>Sleep Settings>Require a password when a computer wakes (plugged in) = Disabled
  Computer Configuration>Policies>Administrative Templates>System>Power Management>Sleep Settings>Turn off hybrid sleep (plugged in) = Enabled
  Computer Configuration>Policies>Administrative Templates>System>Power Management>Sleep Settings>Turn on the ability for applications to prevent sleep transitions (plugged in) = Enabled
  Computer Configuration>Policies>Administrative Templates>System>Power Management>Video and Display Settings>Turn off the display (plugged in) = Enabled = 99999 seconds
  User Configuration>Policies>Administrative Templates>Control Panel>Personalization>Enable screen saver = Disabled
  User Configuration>Policies>Administrative Templates>Control Panel>Personalization>Password protect the screen saver = Disabled
  User Configuration>Policies>Administrative Templates>System>Ctrl+Alt+Del Options>Remove Lock Computer = Enabled
  User Configuration>Preferences>Windows Settings>Registry>HKCU>Control Panel>Desktop>ScreenSaveActive = 0
  What are we doing wrong? How do I configure the OS to not lock the user session but keep it active at all times?
  As a side note: We have Windows 7 POS machines also that will be ringing up sales that we do not have the screen lock issue.

  Hi,
  >>Please see my setting indicated in my original post. We have Turn Off the Display set to 99999 seconds.
  I understand that we have set the Turn Off the Display for this amount of time. However, just for double check, we can go to the power plan we are using to check if the setting has been applied successfully. If the setting has been applied successfully,
  it should be grayed out. Or, we can run command gpresult/h gpreport.html
  with admin privileges to collect group policy result report to check this.
  Besides, do we use other third party software to protect our computer? We can try to clean boot the server to see if the situation persists.
  Regarding how to perform a clean boot, the following article can be referred to for more information.
  How to perform a clean boot in Windows
  http://support.microsoft.com/KB/929135
  TechNet Subscriber Support
  If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
  Best regards,
  Frank Shen

• Remote user received a "deny log on locally" policy - and is now locked out

  Hello,
  A traveling user who received a "deny log on locally" policy remotely.
  He was accidentally added to a wrong group and is now locked out. 
  What are the steps to clear this policy?  We have a backup local admin account I can remote into.
  I appreciate any suggestions or comments. 

  > What are the steps to clear this policy?  We have a backup local admin
  > account I can remote into.
  Resolve the wrong setting, remote into the machine and issue "gpupdate
  /target:computer". Reboot and go ahead :)
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Multiple AD Group Policy Screen Lock Policies

  I am looking to have multiple screen lock policies one for X minutes and one for Y minutes, is this possiable, and how can I configure this?

  Yes you can do this. A few ways are possible. From memory the screen saver policy  is user based rather than computer based. 
  You can create two GPO's and configure the screensaver setting you want in both. Then you can do one of two things.
  1. apply each policy to a different OU where the users reside
  2. create two security groups - one for each GPO. Then remove the authenticated users group from the GPO security settings and add your new security group to the GPO and give it read and apply group policy. Then add your users to which ever group you want.
  Apply the GPOs to either a user OU, or domain level - which ever works best.
  Regards,
  Denis Cooper
  MCITP EA - MCT
  Help keep the forums tidy, if this has helped please mark it as an answer
  My Blog
  LinkedIn:

• Can I enable the root user account from the log in screen when I am locked out of the machine?

  Hello everyone,
  I am working on my friends mac to get it ready to sell. I went into the advanced options of the user and changed the name of the account. That's all I changed. I did read the warning that said if anything was changed it could cause damage, that's why I only changed the name of the user account. I didn't want to mess with anything else. Well, needless to say, I am locked out of the machine. Apparently the root user, system administrator, account was not enabled and I am stuck at the screen that I can get to with my installation disc. So how can I enable the root user account and get back onto the machine from the screen I am at? Can I enable the root user from terminal? I spent a good 8 hours yesterday researching this topic and have come up empty. Changing passwords from commands in terminal is not the problem. I am given just one account to choose from to log on and it's not accepting the password because of the changes I made in the advanced options menu.
  Is there any hope of getting this thing going again? Or have I just screwed myself over?
  Thanks for your help!
  Leah

  You can reset the password.
  http://pondini.org/OSX/Password.html
  Do you need to recover data from it before you sell it?  If not you can just wipe the disk and prepare it for sale.
  See  > Apple What to do before selling or giving away your Mac
  http://support.apple.com/kb/HT5189?viewlocale=en_US&locale=en_US
  Also See Thomas Reed's How to Prepare your Mac for sale
  http://www.thesafemac.com/how-to-prepare-your-mac-for-sale/
  and this thread
  https://discussions.apple.com/thread/5474062?tstart=0

• HT1212 im locked out of my ipod, and the screen isnt responding when i go to swipe to unlock it or when i swipe to turn it off. But, in the top left hand corner, there is an outline of a box. how do i fix this

  im locked out of my ipod, and the screen isnt responding when i go to swipe to unlock it or when i swipe to turn it off. All of my notifications are there but i cant reply to any of them. My screen is completly unresponsive. But, in the top left hand corner, there is an outline of a box. how do i fix this?

  First, try a system reset.  It cures many ills and it's quick, easy and harmless...
  Hold down the on/off switch and the Home button simultaneously until you see the Apple logo.  Ignore the "Slide to power off" text if it appears.  You will not lose any apps, data, music, movies, settings, etc.
  If the Reset doesn't work, try a Restore.  Note that it's nowhere near as quick as a Reset.  It could take well over an hour!  Connect via cable to the computer that you use for sync.  From iTunes, select the iPad/iPod and then select the Summary tab.  Follow directions for Restore and be sure to say "yes" to the backup.  You will be warned that all data (apps, music, movies, etc.) will be erased but, as the Restore finishes, you will be asked if you wish the contents of the backup to be copied to the iPad/iPod.  Again, say "yes."
  At the end of the basic Restore, you will be asked if you wish to sync the iPad/iPod.  As before, say "yes."  Note that that sync selection will disappear and the Restore will end if you do not respond within a reasonable time.  If that happens, only the apps that are part of the IOS will appear on your device.  Corrective action is simple -  choose manual "Sync" from the bottom right of iTunes.
  If you're unable to do the Restore, go into Recovery Mode per the instructions here.

• I have enlarged icons on the log in screen and can not enter my login code. I have tried enough times that I am locked out and my iphone 5 has been disabled.How do I fix this??

  I have enlarged icons on the log in screen and can not enter my login code. I have tried enough times that I am locked out and my iphone 5 has been disabled.How do I fix this??

  Hey there byambar,
  Welcome to Apple Support Communities.
  It sounds like you’re describing two issues, the first issue is related to the Zoom accessibility feature and the second issue is related to the device being disabled.
  Take a look at the article linked below to learn more about Zoom and the other accessibility features on your iPhone 5.
  Use Accessibility features in iOS - Apple Support
  This article will help you resolve the issue with your iPhone being disabled.
  Forgot passcode for your iPhone, iPad, or iPod touch, or your device is disabled - Apple Support
  Take care,
  -Jason

• LED notification stops by screen lock time out

  I found some problem about LED notification. It stops by screen lock time out. My test procedure :- - Screen off by push the top button - Send test e-mail from laptop to my Q10, LED notification will flashing while now is black screen - Call in by another phone then screen will shown at the wall paper - Then after "screen lock time out", screen become dark and now LED flashing will stop So, I can not know the e-mail come in if I leave my phone for a while. Please help

  I don't have a PIN lock set up, but still LED notifications for missed calls don't work on my Pre (GSM, o2 Germany), not even after waking up the screen. At least if I only have one missed call. Strangely enough, as soon as I have a second missed call, the LED starts to blink.
  My guess is it has to do with the way the phone notifies about missed calls. With only one missed call I don't see a normal notification at the bottom of the screen, but a question dialog with two buttons "call back" and "close". Maybe the phone doesn't treat this as a real notification which would trigger the LED.
  As soon as a second call comes in and is not answered, the first missed call notification becomes a real one-line notification at the bottom and the second call gets this question dialog, so maybe this is what triggers the LED notification. But I'm just guessing.
  Anyway, this is really annoying. I can't understand why things like these are not found and fixed during testing of the update, this is pretty basic stuff, not any extraordinary user behavior.

• Bluetooth Audio dropping out when Phone goes into screen lock

  I have a 3G running 3.0 and a Sony Bluetooth audio capable car stereo. The audio streams perfectly via bluetooth until the phone goes into screen lock or "sleep ", at which time the audio starts drooping out. As soon as you slide to unlock the screen everything works fine again.
  Anyone else with this issue ?

  Yup, that's exactly what I've had.
  I paired a Jabra BT3030 BlueTooth stereo headset module to my 3G and it worked perfectly until the screen went off and then the audio could only be heard intermittently. When the screen came back on, audio was perfect again. This was completely repeatable.
  I posted about this the other day, but just prior to that tried again to confirm and I could NOT get it to occur. No matter how many times I put the iPhone to sleep and woke it up, the audio played consistently with NO dropout which is somewhat frustrating and a bit bizarre.
  Looks like there is an issue with A2DP if several of us are experiencing the same problem so bug report/feedback to Apple is required I think.
  Has anyone else had the problem go away next time you try?