krypted.com

Tiny Deathstars of Foulness

There are 3 registry keys that admins in the Windows world use to enable automatic logins, often required for deployments that require a logged in user to setup user environments, such as configuring app deployments as part of a mass deployment.

The required keys in the registry are:
HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name DefaultUserName -Value “Krypted\Administrator”
HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name DefaultPassword -Value pass
HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name AutoAdminLogon -Value 1

Once set as above the administrator on the domain krypted will automatically authenticate with a password of pass. To put this into a powershell script:

PS C:\> New-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name AutoAdminLogon -Value 1
PS C:\> New-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name DefaultUserName -Value “Company\Administrator”
PS C:\> New-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name DefaultPassword -Value pass

You can then disable auto login with:

PS C:\> New-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name AutoAdminLogon -Value 0

Just don’t forget to toss any passwords or they may be found by curious users!

IMG_2167.JPG

December 8th, 2014

Posted In: Active Directory, Mass Deployment, Microsoft Exchange Server, VMware, Windows Server, Windows XP