Solved

Computer Lockout after 15 Minutes of Inactivity - Windows and Mac

  • 17 April 2023
  • 2 replies
  • 291 views

Badge

Hi,

We require a Worklet that will lock and requires a password to login after computer is inactive for 15 minutes.  We have searched other worklets and don’t see what we need.  Can someone provide a worklet for this for both Windows 10/11 and Macs?

Julie

icon

Best answer by JohnG-Automox 19 April 2023, 21:40

View original

2 replies

Userlevel 3

Hi @Julie Goyen!


Here is a worklet that you can use for triggering a lock screen after 15 minutes of inactivity on a Windows device,

Evaluation code:

<#
.SYNOPSIS
Enforce Lock Screen on Inactivity
.DESCRIPTION
Enforces a Windows Lock Screen after a period of defined inactivity on a Windows device.

.USAGE
The only variable to define is the $minutes variable.
This is the amount of minutes of inactivity that elapse before the screen locks automatically.
The evaluation code will check the device to see if the InactivityTimeoutSecs registry key matches the $minutes variable.
If the value does not match, the device will be flagged for remediation.
If the value does not exist, the device will be flagged for remediation.
If the value matches, the device is compliant and the Worklet run will end.

.EXAMPLE
$minutes = 15
Device screen will lock after 15 minutes of inactivity.

.NOTES
Author: John Guarracino
Date: April 19, 2023
#>

################################################################################################
#Define how many minutes of user inactivity should elapse before the screen locks automatically.
$minutes = 15
#End user defined variables
################################################################################################

#Translating minutes to seconds
$timeout = $minutes * 60

#Defined registry key
$regPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'

#Defined registry value
$regName = 'InactivityTimeoutSecs'

$exists = (Get-ItemProperty -Path "$regPath" -Name "$regName" -ErrorAction SilentlyContinue).$regName
If ($exists -eq $timeout)
{
Write-Output "Device is compliant. Now exiting."
Exit 0
}

Else
{
Write-Output "The Inactivity Timeout registry value does not exist or is not equal to $minutes minutes. Flagging for remediation."
Exit 1
}

 


Remediation code:

<#
.SYNOPSIS
Enforce Lock Screen on Inactivity
.DESCRIPTION
Enforces a Windows Lock Screen after a period of defined inactivity on a Windows device.

.USAGE
The only variable to define is the $minutes variable.
This is the amount of minutes of inactivity that elapse before the screen locks automatically.
The evaluation code will check the device to see if the InactivityTimeoutSecs registry key matches the $minutes variable.
If the value does not match, the device will be flagged for remediation.
If the value does not exist, the device will be flagged for remediation.
If the value matches, the device is compliant and the Worklet run will end.

.EXAMPLE
$minutes = 15
Device screen will lock after 15 minutes of inactivity.

.NOTES
Author: John Guarracino
Date: April 19, 2023
#>

################################################################################################
#Define how many minutes of user inactivity should elapse before the screen locks automatically.
$minutes = 15
#End user defined variables
################################################################################################

#Translating minutes to seconds
$timeout = $minutes * 60

#Defined registry key
$regPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'

#Defined registry value
$regName = 'InactivityTimeoutSecs'

try
{
Set-ItemProperty -Path $regPath -Name $regName -Value $timeout
Write-Output "Successfully set the screen Inactivity Timeout to $minutes minutes."
Exit 0
}

catch
{
Write-Output "Failed to set the screen Inactivity Timeout."
Exit 0
}

 

 

This worklet evaluates whether a device has the InactivityTimeoutSecs registry key set.  If it does not exist, or if the value does not equal the $minutes variable that is set, it will trigger the Remediation code to set it.

 

The results of the Worklet remediation code will be stored in your Automox Activity Log:

 

 

For your MacOS devices, this Community Worklet might give you what you need!
 

 

Let me know if you have any other questions.

 

Have a great day!

Badge

Hi John,

Thank you so much.  This worked great!

Julie

Reply