How to Exclude Administrator Account from RDP Session Timeout via Local Group Policy

If you have implemented a global RDP session timeout rule on a standalone server but want to ensure that the Administrator account remains unaffected (to prevent long-running tasks or database backups from getting interrupted), you can achieve this using Multiple Local Group Policy Objects (MLGPO).

Step-by-Step Guide:

1. Press Windows Key + R, type mmc, and hit Enter to open an empty Microsoft Management Console.
2. Go to File -> Add/Remove Snap-in… (or press Ctrl + M).
3. Select Group Policy Object Editor from the left column and click Add >.
4. In the wizard popup, click Browse… and navigate to the Users tab.
5. Select the Administrators group, click OK, and then click Finish. Click OK again to close the snap-in window.
6. Now, expand the newly created Local Computer\Administrators Policy on the left side and navigate to:
   User Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Session Time Limits
7. Double-click on “Set time limit for active but idle Remote Desktop Services sessions” (and/or Set time limit for disconnected sessions), set them to Disabled, and click Apply.
8. Open Command Prompt as Administrator and run gpupdate /force to apply changes instantly.

Note: Non-administrative users will still be restricted by the default local policy timeouts, while Administrators will now have unlimited session times.