Feb 14 2023 09:05 AM
We enabled the SSO/MFA preview and now when our Windows 365 RDP sessions time out they are booting the user off of the RDP session with the message "Windows Remote Desktop Client - You were disconnected because your session was locked." This is apparently by design because of the ability to use passwordless authentication and the fact the lock screen can't support this. The timeout appears to currently be 15 minutes which is fairly short if the VDI is not your only system you are working in. I am wondering if anyone knows of a way to extend this timeout to 30 or 60 minutes.
This timeout does not occur if the SSO option is disabled in the provisioning policy.
This is on Windows 365 not Azure VDI so there are no backend RDP server settings to change.
Also, if anyone at Microsoft is reading this why does it pop up 2 of the exact same message boxes at the same time for this disconnection message? Kind of annoying.
Feb 14 2023 02:09 PM
Good Afternoon,
Unfortunately, the timeout for Windows Remote Desktop Client when the session is locked cannot be changed. This timeout is set by default to 15 minutes as a security measure to prevent unauthorized access to the session. The timeout is designed to disconnect the session when the user has been inactive for a certain amount of time and the session is locked.
If you need to extend the timeout to a longer period, you may consider using a different remote desktop solution that allows for longer timeouts or using a virtual desktop infrastructure (VDI) solution that provides a more flexible session timeout. Additionally, you can also configure the screensaver settings on the client machine to a longer timeout to prevent the session from locking. However, please keep in mind that these changes may also introduce security risks, so it's important to weigh the trade-offs and make decisions that align with your organization's security policies and procedures.
Feb 16 2023 03:00 PM
Oct 20 2023 12:12 AM
Apr 24 2024 05:44 AM
I know this is an old thread, but I have the same issue. I have created the config profile as mentioned and still our user sessions disconnect after 15 minutes.
I see the registry key change to the time I specified in the config profile. Just does not seem to work for me, unless they (MS) have implemented something else to force this 15 minute rule
Apr 24 2024 06:01 AM
@jpope76 Hi, we are still using the same config with success:
When we struggled with this we did some testing to verify. Playing a long youtube video also kept the session from unlocking. (This is by design from MS, the sessions is active while the video is playing). Maybe you could use this test to see if there is something else locking the session.
Apr 24 2024 06:24 AM - edited Apr 24 2024 06:25 AM
@Joachim500
That is the exact same setting I have as I mentioned, but it still disconnects after 15 minutes. I have it set to 2 hours.
Can't really tell users to keep playing youtube clips to keep their session active, though that does keep it from locking from testing.
Apr 26 2024 08:11 AM
@jpope76 , @CM42 , @Joachim500 , @Mark_Albin - Hi folks!
Actually, to prevent the Remote Desktop session from disconnecting without input, apply the following configuration (through Settings Catalog):
The easy search term is active but idle. You then have options for what to configure it to, and you can apply it to the user or the device. Please let me know if this works for you!