Disable Screen Saver for Remote Sessions Only

Question

I work from home, but I'm also in the office quite often. My work and home machines are both Windows 7 Ultimate.

When I'm in the office I like my computer to go to screen saver fairly quickly and then lock ("On resume, display logon screen").

But when I'm home, I often do something on my home computer for a good length of time, and I don't want the remote session to lock and require a password when I switch back over to it.

I'm looking for a (Group Policy?) setting that can turn off the screen saver only for remote sessions. Is this possible?

So the workaround for now is, when I'm connected remotely if I uncheck the "On resume, display logon screen" box on the screen saver settings window, this prevents the behavior altogether. I was worried I would have to change my screen saver to "none", but just unchecking the box does it. Less than ideal as I have to remember to recheck it when I go into the office, but I don't think there's a separate setting for this for console vs. remote. — sliderhouserules, Jul 16 '10 at 18:46
Having the same question, but asked it over on SuperUser here: http://superuser.com/questions/482876/ ... but no solution here or there :-| — 0xC0000022L, Oct 03 '12 at 12:51

score 3 · Answer 1 · answered Apr 27 '16 at 00:06

3

I was able to accomplish this with TaskScheduler and Windows Event Viewer logging.

You will need 2 batch scripts. One to disable the checkbox to require password on screensaver unlock and another to re-enable it when your RDP session is over.

Disable script:

reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /f /v ScreenSaverIsSecure /t REG_SZ /d 0

Enable script:

reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /f /v ScreenSaverIsSecure /t REG_SZ /d 1

Have your disable event trigger on Event ID 1149 under TerminalServices-LocalSessionManager

Have your re-enable event trigger on Event ID 24, same place.

TaskScheduler example

Enjoy!

answered Apr 27 '16 at 00:06

BajaResident

31
2

I particularly like this one because I can set more triggers on the re-enable (like on boot) so that I won't get stuck in an insecure state from something like a power outage. – Tyler Szabo Feb 01 '18 at 22:01
I was playing around with this and unfortunately hit a few snags; the registry settings will be set but windows won't honor them right away. – Tyler Szabo Feb 02 '18 at 00:22
Some information on the event ID's can be found [here](https://frsecure.com/blog/rdp-connection-event-logs/). I recommend going to the Event Viewer and attaching tasks from there. – darda Dec 13 '21 at 17:27
And if you just want to turn off the screensaver altogether, the registry value is `ScreenSaveActive` – darda Dec 13 '21 at 17:28

Michael Mior · Answer 2 · 2010-07-16T12:04:00.777

You could make shortcuts to enable/disable your screensaver. I know it's not ideal, but this solution can be done in a few seconds instead of banging your head trying to figure out something automated. That said, if someone more knowledgeable than me can find a way to have a login script only run on remote logon/logoff, then you're set :)

Create a file disable-screensaver.reg with this:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Control Panel\Desktop]
"ScreenSaveActive"="0"

Then create a shortcut to regedit.exe /s disable-screensaver.reg. The enable shortcut is the same but with "ScreenSaveActive"="1" instead of 0.

Thanks, this was what I was going to look at for a permanent workaround if I couldn't find a "pure" solution. — sliderhouserules, Jul 17 '10 at 08:45

score 0 · Answer 3 · answered Jul 15 '10 at 15:15

You might be able to do that with the loopback feature of gpo.

Loopback processing enables you to apply user specific policies depending on the OU in which the computer object is that the user is logging on to. So first create a OU "Terminalserver" or whatever and move your terminal servers into this OU. Create a GPO "Loopback" or whatever, enable the Loopback setting, and link this GPO to the Terminalserver OU. Then you can create additional GPOs with user configuration settings linked to the Terminalserver OU. These policies will be applied to all users logging on to these workstations. To exclude administrators, use the security group filtering. Do the following: For every GPO, create a global security group named, for example, GPol (Global Policy group for GPO ). Make the desired users member of this group. In the security settings for the GPO, remove the "Apply Policy" and "Read policy" right for the default "Authenticated Users", add it for the proper security group instead.

If I understand correctly, this would work for disabling the screen saver for all users (remote or on the console) for specific computers? (Rather than a setting that depends on how the user connects: locally or remote.) — Richard, Jul 16 '10 at 08:38
This seems a lot more involved than I was hoping for. I don't want to set Group Policy on the domain, just my local (work) machine. Thanks for the feedback though. — sliderhouserules, Jul 16 '10 at 18:43

Disable Screen Saver for Remote Sessions Only

3 Answers3