We need GPO setting to be enabled, when a user idle for 15 mins. on Remote Desktop servers.
AD team try to enable it, It is working for users who are logged in on server and idle for 15mins.
But it is not logging out the the user session who disconnected directly without logging off servers.
(When a user disconnected from server, it will still use memory RAM in user login sessions).
This sounds like the GPO setting is not working as expected, or likely there is a different GPO setting that controls cleanup of disconnected RDP sessions. I don’t think setting this same GPO via BigFix will change the behavior, but you’d need to identify what additional setting is needed. If the AD change is not taking effect on some systems or you have some outside of AD, then BigFix would be a good way to deploy the settings change.
It would be most helpful if you can identify the registry key or settings command that needs to be pushed (Google search should help), and then we can help you construct the BigFix action to deploy it.
There are actually multiple settings you need to configure, not just the one…
See: Configure Timeout and Reconnection Settings for Remote Desktop Services Sessions
Keep in mind, humans need to take breaks so don’t get too restrictive here. Most folks don’t want their session terminated (along with everything they were doing… like upgrading SQL Server) just because they drank too much coffee. 