Forced logoff not enabled for account with expired time

Risk Level: Low

Check or Attack Name: Forced Logoff

Platforms: Windows NT

Description:

Users whose logon hours have expired are not forced to log off. When this option is disabled, a session that was opened during permitted hours can stay connected indefinitely after those hours end, so a logon-hours restriction limits only when a session can start, not how long it lasts. If your security policy restricts logon hours, enable this option so that the restriction is actually enforced.

Remedy:

Enable forced logoffs.

From the Primary Domain Controller (PDC), enable forced logoffs:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the account from the list.
  3. From the Policies menu, select Account to display the Account Policy dialog box.
  4. Select the Forcibly Disconnect Remote Users From the Server When Logon Hours Expire check box. This option is visible only when the server is the PDC.

Note: If logon hours are not also restricted, this setting will have no effect.
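The two conditions above (forced logoff enabled, and logon hours actually restricted on some accounts) can be audited together. The script below is an added example, not part of the X-Force entry; it assumes a modern Active Directory domain with the RSAT ActiveDirectory module installed and English-locale `net accounts` output, as the present-day counterpart of the NT User Manager check box.

```powershell
# Added audit example (not from the X-Force entry). Assumes: an AD domain,
# the ActiveDirectory PowerShell module, and English 'net accounts' output.

function Test-ForceLogoffEnabled {
    # 'net accounts' reports the domain/local account policy, including a line
    # such as:  Force user logoff how long after time expires?:       Never
    # "Never" means forced logoff is disabled; a number of minutes means enabled.
    $line = (net accounts) | Where-Object { $_ -match '^Force user logoff' }
    if (-not $line) { throw "Could not read the force-logoff policy from 'net accounts'." }
    return ($line -notmatch 'Never\s*$')
}

function Get-UsersWithRestrictedLogonHours {
    # logonHours is a 21-byte array: 168 bits, one per hour of the week, with a
    # set bit meaning logon is allowed. All 0xFF (or no value) means no restriction.
    Get-ADUser -Filter 'Enabled -eq $true' -Properties logonHours |
        Where-Object {
            $_.logonHours -and
            (@($_.logonHours | Where-Object { $_ -ne 0xFF }).Count -gt 0)
        } |
        Select-Object -ExpandProperty SamAccountName
}

$forced     = Test-ForceLogoffEnabled
$restricted = @(Get-UsersWithRestrictedLogonHours)

if (-not $forced -and $restricted.Count -gt 0) {
    # This is the finding the X-Force entry describes.
    Write-Warning ("Forced logoff is disabled, but {0} account(s) restrict logon hours: {1}" -f
        $restricted.Count, ($restricted -join ', '))
} elseif ($forced -and $restricted.Count -eq 0) {
    # Matches the note above: without restricted hours the setting does nothing.
    Write-Output "Forced logoff is enabled, but no enabled account restricts logon hours; the setting has no effect."
} elseif ($forced) {
    Write-Output ("Forced logoff is enabled and enforced for {0} account(s) with restricted hours." -f $restricted.Count)
} else {
    Write-Output "Forced logoff is disabled and no account restricts logon hours; no finding."
}
```

Run it from an elevated prompt on a domain-joined machine; `net accounts /forcelogoff:<minutes>` is the command-line equivalent of the check box if you prefer to remediate without User Manager.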
