Pages

Thursday, February 3, 2011

Sysprep and Settings Autologon Keys with FirstLogonCommands

Ran into small problem today when setting up a Vmware View Repurposed Thin Client. The behavior i wanted has the Windows 7 machine running sysprep. On first boot it autologon's to the local administrator account. On that first logon it runs all the nessary FirstLogonCommands from the sysrep unattended file. In those commands are the nessary commands to change the autologon to have it login to a local viewuser account that has had it window shell replaced. The problem was that the FirstLogonCommands where failing at setting the autologon registry keys correctly.

Problem
It turns out that because AutoLogonCount is set to 1, on logon it decrements it to zero. On logoff and reboot when Windows 7 sees the AutoLogonCount set to zero it deletes the keys "AutoAdminLogon", "AutoLogonCount", and "DefaultPassword" from the registry. Those same values I had just set for the ViewUser.

Solution
The easy solution is easy, I just have to add a command to delete the AutoAdminLogon key from the registry my self. Then Windows never goes back and cleans up the Auto Logon Registry keys that where just set.

<AutoLogon>
    <Password>
        <Value>password</Value>
        <PlainText>true</PlainText>
    </Password>
    <Domain>.</Domain>
    <Enabled>true</Enabled>
    <LogonCount>1</LogonCount>
    <Username>Administrator</Username>
</AutoLogon>

This is how it will look in the sysprep unattended file to set the autologon after the administrator autologon.

      <SynchronousCommand wcm:action="add">
        <CommandLine>cmd /c reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v AutoLogonCount</CommandLine>
        <Description>Remove AutoLogonCount so that other autologon settings stay</Description>
        <Order>18</Order>
        <RequiresUserInput>false</RequiresUserInput>
      </SynchronousCommand>
      <SynchronousCommand wcm:action="add">
        <CommandLine>cmd /c reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultDomainName /t Reg_SZ /d .</CommandLine>
        <Description>Set default Domain for autologon</Description>
        <Order>19</Order>
        <RequiresUserInput>false</RequiresUserInput>
      </SynchronousCommand>
      <SynchronousCommand wcm:action="add">
        <CommandLine>cmd /c reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultUserName /t Reg_SZ /d ViewUser</CommandLine>
        <Description>Set default UserName for autologon</Description>
        <Order>20</Order>
        <RequiresUserInput>false</RequiresUserInput>
      </SynchronousCommand>
      <SynchronousCommand wcm:action="add">
        <CommandLine>cmd /c reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultPassword /t Reg_SZ /d password</CommandLine>
        <Description>Set default Password for autologon</Description>
        <Order>21</Order>
        <RequiresUserInput>false</RequiresUserInput>
      </SynchronousCommand>
      <SynchronousCommand wcm:action="add">
        <CommandLine>cmd /c reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v AutoAdminLogon /t Reg_SZ /d 1</CommandLine>
        <Description>Set AutoLogon to enabled </Description>
        <Order>22</Order>
at Thursday, February 03, 2011
Labels: , , ,

10 comments:

  1. AnonymousFebruary 5, 2011 at 2:44 AM

    By the way, for permanent autologon with encrypted password you can use Logonexpert tool

    ReplyDelete
  2. LimpatFebruary 24, 2011 at 11:57 AM

    hi,

    where should i put that script ?

    ReplyDelete
  3. Chris TowlesFebruary 24, 2011 at 2:50 PM

    By Script do you mean where do you put sysrep unattended file? If so i put mine in "c:\Windows\System32\sysprep" folder and then put a SynchronousCommand in to delete the file as it contains passwords.

    ReplyDelete
  4. LimpatFebruary 25, 2011 at 5:05 AM

    what registry key should i delete if i don't want to use "Autologin" after sysprep process ?

    Thanks

    ReplyDelete
  5. Chris TowlesFebruary 28, 2011 at 2:05 PM

    If you don't want sysprep to autologin; just don't include that part in your unattended file. I think you may be missing a step of this. if you want email me i'll try to help you off line.
    Christowlesblog@gmail.com

    ReplyDelete
  6. AnonymousJune 15, 2011 at 3:41 PM

    What if I want to autologon twice? once to change the PC name and again to join the domain...but after that, not autologon? Just set the autologon to 2 in the unattend.xml file? according to the Help, it resets at each reboot...

    ReplyDelete
  7. AnonymousFebruary 17, 2012 at 8:20 AM

    I ran into the same problem. In discoverd that removing the autologoncount from the registry is not enough, it still counted down.
    What i did to solve the problem is after making the answerfile with wsim, was removing the counter afterwards from the xml by hand. This can't be done from wsim.
    Now it automatic logs on until i remove the logon account by script or hand

    Best regards,

    BB2000

    ReplyDelete
  8. AnonymousJuly 10, 2013 at 8:48 AM

    This looks sweet, and the Vmware document you made was absolutely brilliant.

    How does your complete autounattend.xml looks like? I got into the same issues as you with autologin after sysprep.

    Mark

    ReplyDelete
  9. AnonymousJuly 25, 2013 at 6:20 AM

    You made my day, Chris!!

    Thank you very much!

    ReplyDelete
  10. AnonymousAugust 6, 2013 at 8:27 PM

    Awesome! Was having the same exact problem. Thank you for posting the solution!!

    ReplyDelete

Please leave a comment; someone, anyone!

Subscribe to: Post Comments (Atom)