we are trying to limit domain session time,for example the domain user logon on any pc. and this user can use the pc only 2 hours. after 2 hours the user session logout. and next step same user logon to any pc only 2 times in the same day.
It's possible with gpo?
You could create a scheduled task by GPO, maybe. I've never tried this.
Here are instructions on enforcing a scheduled task by GPO: http://www.mdmarra.com/2014/04/managing-scheduled-tasks-from-group.html
The first task would log off the user after 2 hours. The Trigger would be set to run "At log on" of any user, and set "Delay Task For" to "2 hours". That will make it run 2 hours after any user logs in.
Use the instructions on this page to set the Action to log off the current user (it runs C:\Windows\System32\logoff.exe as the current user): https://blogs.technet.microsoft.com/askds/2010/08/24/forcing-afterhours-user-logoffs/
You would still have to check the number of times the user has logged in. You could do that in a regular login script. But determining how many times the user has logged in might be tricky. You may have to store a counter in some custom way (in a file or database somewhere).
