Network security: Force logoff when logon hours expire This security setting determines whether to disconnect users who are ...

Network security: Force logoff when logon hours expire

This security setting determines whether to disconnect users who are connected to the local computer outside their user account's valid logon hours. This setting affects the Server Message Block (SMB) component.

When this policy is enabled, it causes client sessions with the SMB server to be forcibly disconnected when the client's logon hours expire.

If this policy is disabled, an established client session is allowed to be maintained after the client's logon hours have expired.

Default: Enabled.

Note: This security setting behaves as an account policy. For domain accounts, there can be only one account policy. The account policy must be defined in the Default Domain Policy, and it is enforced by the domain controllers that make up the domain. A domain controller always pulls the account policy from the Default Domain Policy Group Policy object (GPO), even if there is a different account policy applied to the organizational unit that contains the domain controller. By default, workstations and servers that are joined to a domain (for example, member computers) also receive the same account policy for their local accounts. However, local account policies for member computers can be different from the domain account policy by defining an account policy for the organizational unit that contains the member computers. Kerberos settings are not applied to member computers.

Network security: Allow LocalSystem NULL session fallback Allow NTLM to fall back to NULL session when used with LocalSystem. ... Network security: Allow PKU2U authentication requests to this computer to use online identities. This policy will be turned ... Network security: Configure encryption types allowed for Kerberos This policy setting allows you to set the encryption types ... Network security: Do not store LAN Manager hash value on next password change This security setting determines if, at the ... Network security: Force logoff when logon hours expire This security setting determines whether to disconnect users who are ... Network security: LAN Manager authentication level This security setting determines which challenge/response authentication ... Network security: LDAP client signing requirements This security setting determines the level of data signing that is requested ... Network security: Minimum session security for NTLM SSP based (including secure RPC) clients This security setting allows ... Network security: Minimum session security for NTLM SSP based (including secure RPC) servers This security setting allows ...