The Set Password Timeout policy sets the value of Options->Security->Security Timeout. As you stated, when you push the policy down, this value will be set.
The Maximum Security timeout changes the maximum valuable available as an option for Options->Security->Security Timeout.
For example, if you have the User Can Change Timeout policy = TRUE, and set the following policies:
Set Password Timeout = 15 minutes
Maximum Security Timeout = 30 minutes
.... the value of Options->Security->Security Timeout will be 15 minutes, but the user can change it to a maximum of 30 minutes. The user can always make this value lower, if you allow them to change the setting.
You can use them both without any problems.
Of course, there is also the Long Term Timeout and Periodic Challenge Time policies which control locking regardless of activity.
|